Computer
0

Limit your SSH logins using GeoLite2 Country

by Le Kevin · Published April 12, 2019 · Updated April 12, 2019

#!/bin/bash

# UPPERCASE space-separated country codes to ACCEPT
ALLOW_COUNTRIES="US"

if [ $# -ne 1 ]; then
  echo "Usage:  `basename $0` <ip>" 1>&2
  exit 0 # return true in case of config issue
fi

#COUNTRY=`/usr/local/bin/geoiplookup $1 | awk -F ": " '{ print $2 }' | awk -F "," '{ print $1 }' | head -n 1`

COUNTRY=$(/usr/local/bin/mmdblookup -f /usr/share/GeoIP/GeoLite2-Country.mmdb -i $1 country iso_code 2>&1| awk -F '"' '{ print $2 }'|head -n 2|tail -n 1)
COUNTRY=${COUNTRY:=IP Address not found}

[[ $COUNTRY = "IP Address not found" || $ALLOW_COUNTRIES =~ $COUNTRY ]] && RESPONSE="ALLOW" || RESPONSE="DENY"

if [ $RESPONSE = "ALLOW" ]
then
  logger -p auth.notice "$RESPONSE sshd connection from $1 ($COUNTRY)"
  exit 0
else
  logger -p auth.notice "$RESPONSE sshd connection from $1 ($COUNTRY)"
  logger "$RESPONSE sshd connection from $1 ($COUNTRY)"
  exit 1
fi

via:
https://www.axllent.org/docs/view/ssh-geoip/
https://github.com/maxmind/libmaxminddb#from-a-named-release-tarball
http://disq.us/p/201otjz

Share

Le Kevin

software engineer, photographer

You may also like...

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.