@filips said in Drop/reject all packets from region:
Since it is GCE free tier, it could hog your resources a bit.
Yeah, I considered that but figured it will only need to run once a day/week and slow down the system while it's running. The question is really how long it will need to finish. 30 min slowdown I can live with, 6 hours is probably going to be a pain in the backside..
Other aspect is that you will have to rely to some website/API on accuracy of the list.
Yes, but it shouldn't matter if it's not 100% accurate as long as it stops the majority of the traffic. But yes, if the website goes down/API changes it won't work anymore.
could potentially in theory lock you out.
Yes, that's a good point. The only ports that are open are 22/80/443. It should probably just drop packets on 80/443 and respond to 22 regardless of location. Then I'll have access to manually correct it if needed.
If you want the script, it would be probably best to allow only your country
Yeah, I figured that might be the best option as there's a lot less people in my country than in Asia:)
Have you heard of CloudFlare - free tier ? For more info visit https://www.cloudflare.com
I've heard of them but never used them. I'll have a look and see if that's potentially a better option. Thanks for the suggestion, I'll get back to you and let you know what I find.