해외 IP 차단해제
1) iptables 정책 확인
ㄴ 해외 IP 차단정책 설정되어 있는 부분 확인
# iptables -nvL
Chain INPUT (policy ACCEPT 10M packets, 5794M bytes)
pkts bytes target prot opt in out source destination
1374 495K ACCEPT all -- * * 127.0.0.1 0.0.0.0/0
277 95298 ACCEPT all -- * * 216.58.197.0/24 0.0.0.0/0
419 147K ACCEPT all -- * * 172.217.25.0/24 0.0.0.0/0
143 49661 ACCEPT all -- * * 172.217.27.0/24 0.0.0.0/0
143 49553 ACCEPT all -- * * 172.217.31.0/24 0.0.0.0/0
187 64583 ACCEPT all -- * * 172.217.26.0/24 0.0.0.0/0
132 45839 ACCEPT all -- * * 172.217.24.0/24 0.0.0.0/0
0 0 ACCEPT all -- * * 216.58.220.0/24 0.0.0.0/0
0 0 ACCEPT all -- * * 216.58.0.0/24 0.0.0.0/0
0 0 ACCEPT all -- * * 172.217.9.0/24 0.0.0.0/0
0 0 ACCEPT all -- * * 172.217.0.0/24 0.0.0.0/0
0 0 ACCEPT all -- * * 216.58.0.0/24 0.0.0.0/0
380K 105M DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Source country: ! KR
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 8270K packets, 22G bytes)
pkts bytes target prot opt in out source destination
2) 해외 IP 차단 정책 삭제
# iptables -D INPUT -m geoip ! --source-country KR -j DROP
3) iptables 정책 저장
# /etc/init.d/iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
4) iptables 정책 삭제 확인
# iptables -nvL
Chain INPUT (policy ACCEPT 311 packets, 30325 bytes)
pkts bytes target prot opt in out source destination
1374 495K ACCEPT all -- * * 127.0.0.1 0.0.0.0/0
277 95298 ACCEPT all -- * * 216.58.197.0/24 0.0.0.0/0
419 147K ACCEPT all -- * * 172.217.25.0/24 0.0.0.0/0
143 49661 ACCEPT all -- * * 172.217.27.0/24 0.0.0.0/0
143 49553 ACCEPT all -- * * 172.217.31.0/24 0.0.0.0/0
187 64583 ACCEPT all -- * * 172.217.26.0/24 0.0.0.0/0
132 45839 ACCEPT all -- * * 172.217.24.0/24 0.0.0.0/0
0 0 ACCEPT all -- * * 216.58.220.0/24 0.0.0.0/0
0 0 ACCEPT all -- * * 216.58.0.0/24 0.0.0.0/0
0 0 ACCEPT all -- * * 172.217.9.0/24 0.0.0.0/0
0 0 ACCEPT all -- * * 172.217.0.0/24 0.0.0.0/0
0 0 ACCEPT all -- * * 216.58.0.0/24 0.0.0.0/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 366 packets, 791K bytes)
pkts bytes target prot opt in out source destinatio