[GH-ISSUE #3230] [Feature Request] 是否有来源IP控制 #2591

New issue

Closed

opened 2026-05-05 13:40:10 -06:00 by gitea-mirror · 4 comments

gitea-mirror commented 2026-05-05 13:40:10 -06:00

Owner

Copy link

Originally created by @Guation on GitHub (Dec 29, 2022).
Original GitHub issue: https://github.com/fatedier/frp/issues/3230

Describe the feature request

最近在检查frps日志的时候发现映射的ssh端口存在大量来自境外IP的连接请求 已经把sshd配置成了仅证书登录 但是这些爆破扫描一点没少 还是在锲而不舍的尝试连接 能不能在frps配置一个指定IP比如中国大陆IP连接ssh端口的时候就把数据转发到frpc可以尝试进行登录 境外IP连接ssh端口请求直接丢弃掉请求不响应任何数据

Describe alternatives you've considered

No response

Affected area

• Docs
• Installation
• Performance and Scalability
• Security
• User Experience
• Test and Release
• Developer Infrastructure
• Client Plugin
• Server Plugin
• Extensions
• Others

Originally created by @Guation on GitHub (Dec 29, 2022). Original GitHub issue: https://github.com/fatedier/frp/issues/3230 ### Describe the feature request 最近在检查frps日志的时候发现映射的ssh端口存在大量来自境外IP的连接请求 已经把sshd配置成了仅证书登录 但是这些爆破扫描一点没少 还是在锲而不舍的尝试连接 能不能在frps配置一个指定IP比如中国大陆IP连接ssh端口的时候就把数据转发到frpc可以尝试进行登录 境外IP连接ssh端口请求直接丢弃掉请求不响应任何数据 ### Describe alternatives you've considered _No response_ ### Affected area - [ ] Docs - [ ] Installation - [ ] Performance and Scalability - [ ] Security - [X] User Experience - [ ] Test and Release - [ ] Developer Infrastructure - [X] Client Plugin - [X] Server Plugin - [ ] Extensions - [ ] Others

gitea-mirror closed this issue 2026-05-05 13:40:11 -06:00

gitea-mirror commented 2026-05-05 13:40:13 -06:00

Author

Owner

Copy link

@Becods commented on GitHub (Dec 29, 2022):

善用iptables

<!-- gh-comment-id:1367291009 --> @Becods commented on GitHub (Dec 29, 2022): 善用iptables

gitea-mirror commented 2026-05-05 13:40:15 -06:00

Author

Owner

Copy link

@Guation commented on GitHub (Dec 29, 2022):

善用iptables

那个加一两个IP还好 如果要过滤整个大陆IP还是太麻烦了

<!-- gh-comment-id:1367310390 --> @Guation commented on GitHub (Dec 29, 2022): > 善用iptables 那个加一两个IP还好 如果要过滤整个大陆IP还是太麻烦了

gitea-mirror commented 2026-05-05 13:40:15 -06:00

Author

Owner

Copy link

@Becods commented on GitHub (Jan 1, 2023):

善用iptables

那个加一两个IP还好 如果要过滤整个大陆IP还是太麻烦了

没有什么是一个bash解决不了的

#!/bin/bash
for i in `curl https://www.ipdeny.com/ipblocks/data/countries/cn.zone|egrep -v "^#|^$"`;do
	/sbin/iptables -A INPUT -s $i -j DROP
done

<!-- gh-comment-id:1368367423 --> @Becods commented on GitHub (Jan 1, 2023): > > 善用iptables > > 那个加一两个IP还好 如果要过滤整个大陆IP还是太麻烦了 没有什么是一个bash解决不了的 ``` #!/bin/bash for i in `curl https://www.ipdeny.com/ipblocks/data/countries/cn.zone|egrep -v "^#|^$"`;do /sbin/iptables -A INPUT -s $i -j DROP done ```

gitea-mirror commented 2026-05-05 13:40:16 -06:00

Author

Owner

Copy link

@Guation commented on GitHub (Jan 1, 2023):

善用iptables

那个加一两个IP还好 如果要过滤整个大陆IP还是太麻烦了

没有什么是一个bash解决不了的

#!/bin/bash
for i in `curl https://www.ipdeny.com/ipblocks/data/countries/cn.zone|egrep -v "^#|^$"`;do
	/sbin/iptables -A INPUT -s $i -j DROP
done

谢谢

<!-- gh-comment-id:1368372357 --> @Guation commented on GitHub (Jan 1, 2023): > > > 善用iptables > > > > > > 那个加一两个IP还好 如果要过滤整个大陆IP还是太麻烦了 > > 没有什么是一个bash解决不了的 > > ``` > #!/bin/bash > for i in `curl https://www.ipdeny.com/ipblocks/data/countries/cn.zone|egrep -v "^#|^$"`;do > /sbin/iptables -A INPUT -s $i -j DROP > done > ``` 谢谢

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

dev

new

master

copilot/review-pull-request-5198

v0.68.1

v0.68.0

v0.67.0

v0.66.0

v0.65.0

v0.64.0

v0.63.0

v0.62.1

v0.62.0

v0.61.2

v0.61.1

v0.61.0

v0.60.0

v0.59.0

v0.58.1

v0.58.0

v0.57.0

v0.56.0

v0.55.1

v0.55.0

v0.54.0

v0.53.2

v0.53.1

v0.53.0

v0.52.3

v0.52.2

v0.52.1

v0.52.0

v0.51.3

v0.51.2

v0.51.1

v0.51.0

v0.50.0

v0.49.0

v0.48.0

v0.47.0

v0.46.1

v0.46.0

v0.45.0

v0.44.0

v0.43.0

v0.42.0

v0.41.0

v0.40.0

v0.39.1

v0.39.0

v0.38.0

v0.37.1

v0.37.0

v0.36.2

v0.36.1

v0.36.0

v0.35.1

v0.35.0

v0.34.3

v0.34.2

v0.34.1

v0.34.0

v0.33.0

v0.32.1

v0.32.0

v0.31.2

v0.31.1

v0.31.0

v0.30.0

v0.29.1

v0.29.0

v0.28.2

v0.28.1

v0.28.0

v0.27.1

v0.27.0

v0.26.0

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.1

v0.24.0

v0.23.3

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.0

v0.19.1

v0.19.0

v0.18.0

v0.17.0

v0.16.1

v0.16.0

v0.15.1

v0.15.0

v0.14.1

v0.14.0

v0.13.0

v0.12.0

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.1

v0.8.0

v0.7.0

v0.6.0

v0.5.0

v0.3.0

v0.2.0

v0.1.0

Labels

Clear labels   

In Progress

  

WIP

  

WaitingForInfo

  

bug

  

doc

  

duplicate

  

easy

  

enhancement

  

future

  

help wanted

  

invalid

  

lifecycle/stale

  

need-issue-template

  

need-usage-help

  

no plan

  

proposal

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

todo

No labels

In Progress

WIP

WaitingForInfo

bug

doc

duplicate

easy

enhancement

future

help wanted

invalid

lifecycle/stale

need-issue-template

need-usage-help

no plan

proposal

pull-request

question

todo

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#2591

No description provided.