[prev in list] [next in list] [prev in thread] [next in thread]
List: ipcop-user
Subject: Re: [IPCop-user] So, how *do* you block IP's or IP networks...
From: Jon Trulson <jon () radscan ! com>
Date: 2011-12-01 3:23:34
Message-ID: alpine.DEB.2.02.1111302016510.7062 () l5 ! radscan ! com
[Download RAW message or body]
On Mon, 28 Nov 2011, Jon Trulson wrote:
> On Mon, 28 Nov 2011, G.W. Haywood wrote:
>
>> Hi there,
>>
>
> Hello,
>
>> On Sun, 27 Nov 2011 Jon Trulson wrote:
>>
>>> ... blocking specific IP's or IP ranges that were 'troublesome'
>>> ... How do I accomplish this in v2?
>>
>> Here's a sort of 'roll your own' solution, the kind that I prefer.
>>
[...]
>
> I think I've managed to get a similiar result by creating a new
> 'banned' address group containing the IP's/networks to ban, a service
> group that encompasses all ports in UDP/TCP, and then using them
> together in a DENY rule attached to external IPCop access section in
> FW rules.
>
Yeah - no. That didn't work at all :)
However, it was pretty simple to 'roll my own' as it were. I just
wrote a small shell script that issued the appropriate iptables
commands for CUSTOMINPUT, CUSTOMFORWARD, and CUSTOMOUTPUT based on a
text file containing IP's and IP ranges (CIDR).
This works very well :)
--
Jon Trulson
"The truth points to itself." -- Kosh
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure
contains a definitive record of customers, application performance,
security threats, fraudulent activity, and more. Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
IPCop-user mailing list
IPCop-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipcop-user
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic