Boppity Bop

Asked: 2021-02-10 14:15:39 +0800 CST2021-02-10 14:15:39 +0800 CST 2021-02-10 14:15:39 +0800 CST

Block China on GCP/VM firewall

772

is there a way to geo block China from connecting my GCP VMs?

I see this item in my billing:

Network Internet Egress from Americas to China

Can I block the whole lot?

Is there a way to investigate what kind of IPs are connecting? (I know you can add logging rules to the GCP firewall but I am fuzzy on the details)..

If none of the above possible - is there a public list of rules for Linux firewalls (CentOS 8) to block IPs by countries?

1 Answers

Voted

Best Answer

Alex G
2021-02-10T22:35:04+08:002021-02-10T22:35:04+08:00
There are several ways to achieve your use case. With GCP product, you can use Cloud Armor for a location-based traffic filtering through its Web Application Firewall.

Here are several threads that can also help you on your use case:

https://stackoverflow.com/questions/23682114/google-app-engine-block-incoming-traffic-by-country

Relatively easy way to block all traffic from a specific country?

https://stackoverflow.com/questions/29704635/allow-only-specific-countries-to-connect-to-vm

https://stackoverflow.com/questions/26168240/google-cloud-block-incoming-connections

https://stackoverflow.com/questions/35000410/block-offending-ip-from-google-compute-instance
2

Web Analytics Made Easy - Statcounter