Block server ip COD cold war

hello everybody i would like block server of call of duty who are so long of my home

i use ipset for block

i'm in france this is my list for cold war but i'm note sure,

i has keep only server france and deutch

iptables -A INPUT -s 108.61.97.45 -j DROP
iptables -A INPUT -s 107.6.150.82  -j DROP
iptables -A INPUT -s 95.177.146.31  -j DROP
iptables -A INPUT -s 35.172.121.239  -j DROP
iptables -A INPUT -s 69.36.183.72 -j DROP
iptables -A INPUT -s 69.36.183.65 -j DROP
iptables -A INPUT -s 52.73.176.44 -j DROP
iptables -A INPUT -s 3.17.59.170 -j DROP
iptables -A INPUT -s 3.131.160.203 -j DROP
iptables -A INPUT -s 199.116.113.145 -j DROP
iptables -A INPUT -s 199.116.113.137 -j DROP
iptables -A INPUT -s 108.61.125.17 -j DROP
iptables -A INPUT -s 104.238.139.26 -j DROP
iptables -A INPUT -s 108.61.232.39 -j DROP
iptables -A INPUT -s 24.105.52.245 -j DROP
iptables -A INPUT -s 24.105.52.197 -j DROP
iptables -A INPUT -s 96.30.208.246 -j DROP
iptables -A INPUT -s 148.72.173.73 -j DROP
iptables -A INPUT -s 148.72.171.171 -j DROP
iptables -A INPUT -s 66.42.88.254 -j DROP
iptables -A INPUT -s 63.251.239.116 -j DROP
iptables -A INPUT -s 107.6.97.26 -j DROP
iptables -A INPUT -s 15.185.42.136 -j DROP
iptables -A INPUT -s 216.24.138.13 -j DROP
iptables -A INPUT -s 35.206.120.112 -j DROP
iptables -A INPUT -s 107.182.238.164 -j DROP
iptables -A INPUT -s 209.95.32.78 -j DROP
iptables -A INPUT -s 35.215.77.57 -j DROP
iptables -A INPUT -s 45.76.73.126 -j DROP
iptables -A INPUT -s 45.76.73.121 -j DROP
iptables -A INPUT -s 35.215.95.255 -j DROP
iptables -A INPUT -s 142.54.238.28 -j DROP
iptables -A INPUT -s 149.248.40.218 -j DROP
iptables -A INPUT -s 149.248.41.58 -j DROP
iptables -A INPUT -s 197.84.209.6 -j DROP
iptables -A INPUT -s 197.80.200.85 -j DROP 
iptables -A INPUT -s 167.179.122.184 -j DROP
iptables -A INPUT -s 34.92.238.253 -j DROP
iptables -A INPUT -s 149.28.184.250 -j DROP
iptables -A INPUT -s 37.244.43.242 -j DROP
iptables -A INPUT -s 37.244.43.207 -j DROP
iptables -A INPUT -s 103.198.33.230 -j DROP
iptables -A INPUT -s 24.105.53.42 -j DROP
iptables -A INPUT -s 173.199.67.209 -j DROP
iptables -A INPUT -s 45.63.72.250 -j DROP
iptables -A INPUT -s 85.195.94.137 -j DROP
iptables -A INPUT -s 45.76.44.80 -j DROP
iptables -A INPUT -s 45.63.80.223 -j DROP
iptables -A INPUT -s 95.179.205.202 -j DROP
iptables -A INPUT -s 82.145.63.98 -j DROP
iptables -A INPUT -s 104.156.235.232 -j DROP
iptables -A INPUT -s 197.80.200.115 -j DROP
iptables -A INPUT -s 189.1.164.26 -j DROP
iptables -A INPUT -s 95.177.146.86 -j DROP
iptables -A INPUT -s 197.84.209.37 -j DROP
iptables -A INPUT -s 95.179.204.207 -j DROP
iptables -A INPUT -s 92.204.186.91 -j DROP
iptables -A INPUT -s 149.28.185.153 -j DROP
iptables -A INPUT -s 78.129.190.142 -j DROP
iptables -A INPUT -s 189.1.170.82 -j DROP
iptables -A INPUT -s 66.203.113.28 -j DROP
iptables -A INPUT -s 85.195.124.107 -j DROP
iptables -A INPUT -s 172.83.41.225 -j DROP
iptables -A INPUT -s 108.61.36.46 -j DROP
iptables -A INPUT -s 66.42.47.209 -j DROP
iptables -A INPUT -s 66.203.113.33 -j DROP
iptables -A INPUT -s 95.141.35.195 -j DROP
iptables -A INPUT -s 45.63.113.249 -j DROP
iptables -A INPUT -s 149.28.216.213 -j DROP
iptables -A INPUT -s 34.92.135.0 -j DROP
iptables -A INPUT -s 172.83.41.215 -j DROP
iptables -A INPUT -s 108.61.133.177 -j DROP
iptables -A INPUT -s 66.42.88.248 -j DROP
iptables -A INPUT -s 139.180.151.207 -j DROP
iptables -A INPUT -s 173.199.67.98 -j DROP

not sure to efficace 100%

thanks

are you blocking connections from, or connections to ?

connection from

my game is low ping normally everytime

if you're blocking connections from the server, shouldn't you block everything,
and just allow those you want to use ?

i don't know

just i know than the server is not on my list via wireshark

for the moment i'm on test

Use ipset it will be faster and easier to change.

Agreed. An ipset is the way to go. The OP says they're using ipset, but the long list of rules for each source IP says otherwise.

Also, if these rules are on the router they need to be added to the FORWARD chain, not the INPUT chain.

FORWARD = packets forwarded from WAN->LAN or LAN->WAN
INPUT = packets destined for the router itself

Something like this:

ipset -exist create ips-codservers hash:ip
ipset -exist flush  ips-codservers
ipset add ips-codservers 108.61.97.45
ipset add ips-codservers 107.6.150.82
ipset add ips-codservers 95.177.146.31 
ipset add ips-codservers 35.172.121.239
...

iptables -t filter -A FORWARD -p tcp -m set --match-set ips-codservers src -j DROP
iptables -t filter -A FORWARD -p udp -m set --match-set ips-codservers src -j DROP
iptables -t filter -A FORWARD -p tcp -m set --match-set ips-codservers dst -j DROP
iptables -t filter -A FORWARD -p udp -m set --match-set ips-codservers dst -j DROP

You could use OpenWrt's forwarding_rule chain instead of FORWARD, which is probably neater in the long run:

iptables -t filter -A forwarding_rule -p tcp -m set --match-set ips-codservers src -j DROP
iptables -t filter -A forwarding_rule -p udp -m set --match-set ips-codservers src -j DROP
iptables -t filter -A forwarding_rule -p tcp -m set --match-set ips-codservers dst -j DROP
iptables -t filter -A forwarding_rule -p udp -m set --match-set ips-codservers dst -j DROP

Then if you need to add/remove server IPs you just modify the ips-codservers ipset instead of having to edit the rules and restart/reload the firewall.

• If you block the servers, how do you intend to play the game?
• These don't appear to be servers; but gamers...are you blocking valid users form playing with you???
• Some IPs seem unrelated to gaming whatsoever, why do you think these are gaming servers?

I think the idea is to block servers that perform poorly or are too far away (high ping).

• Look at some of the IPs

I think it will probably to be pretty difficult to reliably block specific CoD servers without the risk of breaking something else. If CoD is anything like most other modern online games, the servers will be hosted dynamically on a cloud service like AWS or i3D.