Saturday, 29 August 2009

Blocking IP Addresses Of Any Country With iptables

The API to get the IP addresses to block

First you need to know the code (ISO 3166 format) of the country you would like to block. The full list is available HERE ("http://www.blogama.org/country.txt").

Once you have the country code, you can get the list at the following URL (Afghanistan and Argentina in this example):

http://blogama.org/country_query.php?country=AF,AR

If you don't see the IP addresses one per line, view the page source.

http://www.howtoforge.com/blocking-ip-addresses-of-any-country-with-iptables
---------------------
Q. How do I block an IP address or subnet under Linux operating system?

A. To block an IP address on your Linux server, use the iptables tool (the administration tool for IPv4 packet filtering and NAT) together with the netfilter firewall. First, log into a shell as the root user. To block an IP address, type the iptables command as follows:
Syntax to block an IP address under Linux

iptables -A INPUT -s IP-ADDRESS -j DROP

Replace IP-ADDRESS with the actual IP address. For example, if you wish to block IP address 65.55.44.100 for whatever reason, type the command as follows:
# iptables -A INPUT -s 65.55.44.100 -j DROP
If you have an iptables firewall script, add the above rule to your script.

If you just want to block access from IP 65.55.44.100 to a single port, port 25, type the command:
# iptables -A INPUT -s 65.55.44.100 -p tcp --destination-port 25 -j DROP
The above rule will drop all packets coming from IP 65.55.44.100 to the mail server port 25.
http://www.cyberciti.biz/faq/how-do-i-block-an-ip-on-my-linux-server/
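
Added example (not from either article quoted above): the country list is fetched over plain HTTP and each entry ends up in a command run as root, so this script checks that every line is an IPv4 address or CIDR block before printing the DROP rule syntax shown above. It assumes the list was saved one entry per line; the function names and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: validate a downloaded address list before it reaches iptables.

# is_ipv4_cidr ENTRY: succeed only for a.b.c.d or a.b.c.d/len
# (octets 0-255, prefix length 0-32, no leading zeros, nothing else on the line).
# The ( ... ) body runs in a subshell, so IFS and "set --" do not leak out.
is_ipv4_cidr() (
    case $1 in
        */*) addr=${1%/*}; len=${1#*/} ;;
        *)   addr=$1; len=32 ;;
    esac
    case $len in ''|*[!0-9]*|???*|0?*) exit 1 ;; esac
    [ "$len" -le 32 ] || exit 1
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
    IFS=.
    set -- $addr
    [ $# -eq 4 ] || exit 1
    for octet in "$@"; do
        case $octet in ????*|0?*) exit 1 ;; esac
        [ "$octet" -le 255 ] || exit 1
    done
)

# emit_block_rules: read one entry per line on stdin and print the
# "iptables -A INPUT -s ... -j DROP" rule for each valid entry. Invalid lines
# are reported on stderr by line number only, never echoed or executed.
emit_block_rules() {
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        line=$(printf '%s' "$line" | tr -d '\r')   # tolerate CRLF responses
        if [ -z "$line" ]; then
            continue
        elif is_ipv4_cidr "$line"; then
            printf 'iptables -A INPUT -s %s -j DROP\n' "$line"
        else
            printf 'skipped line %d: not an IPv4 address or CIDR\n' "$n" >&2
        fi
    done
}

# Constructed sample of a saved response (documentation address ranges plus
# junk lines such as leftover HTML); real data would come from the list URL.
sample_list() {
    printf '%s\n' '192.0.2.0/24' '198.51.100.0/24' '<br>' '203.0.113.7' \
        '300.1.1.1/8' '192.0.2.0/33' '192.0.2.9 -j ACCEPT' ''
}

# Print the rules for review instead of running them.
sample_list | emit_block_rules
```

The script only prints rules; review the output before adding it to a firewall script.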
