search for: ipblock

Hi to all. First of all exchuse for my bad english I try to use Ajax.InPlaceEditor with a textarea: ################## new Ajax.InPlaceEditor($(''ipblock''), ''tools/admin_save.php'', { ajaxOptions: {method: ''get''}, rows:10, cols:20, callback: function(form, value) { return ''op=ipblock&value='' + value}, onBlur: function(request) {Element.show(''indica...

Hi Specs in subject line: CentOS 6.X all latest patches), iptables 1.47, Apache2.2 I use the Geolite legacy databases together with iptables 1.47 to filter traffic for a variety of ports and only allow .AU traffic to have access. Maxmind (https://dev.maxmind.com/geoip/geoip2/geolite2/) changed the default DB to the latest version which is GeoLite2, this leaves all users in need of the old

https://bugzilla.netfilter.org/show_bug.cgi?id=699 Pablo Neira Ayuso <pablo at netfilter.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |pablo at netfilter.org Resolution|

...: 2.244.112.0/24 So using the OLD iptables I would run through my file build the iptables.txt file and start that with DROP for the IP address. iptables ran through the big list in no time. I was trying to run a script to go through each line and run: firewall-cmd --zone=drop --add-source="$ipblock" --permanent but this takes a long time. What is a "better" way or more efficient way to keep my long list of bad addresses and apply them? Thanks, Jerry

On Mon, Jan 14, 2019 at 07:29:45AM +0000, Phil Perry (pperry at elrepo.org) wrote: > On 14/01/2019 07:09, Jobst Schmalenbach wrote: > > Hi > I use ipdeny's aggregated country lists to do the same thing: > > http://www.ipdeny.com/ipblocks/data/aggregated/ > > I just feed this data directly into ipset/iptables via a script running on > my firewall (not a C6 box). ipset is a really efficient way of doing this. Do you create a separate table, then feed every IP address (via ipset) into this chain? Would you mind sharing th...

...chmalenbach wrote: > > On Mon, Jan 14, 2019 at 07:29:45AM +0000, Phil Perry (pperry at elrepo.org) wrote: >> On 14/01/2019 07:09, Jobst Schmalenbach wrote: >>> Hi >> I use ipdeny's aggregated country lists to do the same thing: >> >> http://www.ipdeny.com/ipblocks/data/aggregated/ >> >> I just feed this data directly into ipset/iptables via a script running on >> my firewall (not a C6 box). ipset is a really efficient way of doing this. > > > Do you create a separate table, then feed every IP address (via ipset) into this chain?...

...n through my file build the > > iptables.txt file and start that with DROP for the IP address. iptables > ran > > through the big list in no time. > > > > I was trying to run a script to go through each line and run: > > firewall-cmd --zone=drop --add-source="$ipblock" --permanent > > but this takes a long time. > > > > What is a "better" way or more efficient way to keep my long list of bad > > addresses and apply them? Thanks, > > > > To some extent you need to ask yourself if a 20 year old blacklist is >...

...all latest patches), iptables 1.47, Apache2.2 > > I use the Geolite legacy databases together with iptables 1.47 to filter traffic for a variety of ports and only allow .AU traffic to have access. > I use ipdeny's aggregated country lists to do the same thing: http://www.ipdeny.com/ipblocks/data/aggregated/ I just feed this data directly into ipset/iptables via a script running on my firewall (not a C6 box). ipset is a really efficient way of doing this. > Maxmind (https://dev.maxmind.com/geoip/geoip2/geolite2/) changed the default DB to the latest version which is GeoLite2, t...

...g the OLD iptables I would run through my file build the > iptables.txt file and start that with DROP for the IP address. iptables ran > through the big list in no time. > > I was trying to run a script to go through each line and run: > firewall-cmd --zone=drop --add-source="$ipblock" --permanent > but this takes a long time. > > What is a "better" way or more efficient way to keep my long list of bad > addresses and apply them? Thanks, > To some extent you need to ask yourself if a 20 year old blacklist is really effective these days. Lots wil...

Kevin Larsen <kevin.larsen at pioneerballoon.com> schrieb: > Based on SIP packets coming in from IP addresses you don't recognize, > while you may not be hacked, you would seem to have people probing your I think, too, it's someone probing my IP... > system. One thing you can do at the firewall level is restrict inbound sip > communications to only those from your

...const struct sockaddr_in *addr); > +int access_check(const struct sockaddr_in *addr); > +#else > int acl_check(const char *aclname, const struct sockaddr_storage *addr); > int access_check(const struct sockaddr_storage *addr); > +#endif > void acl_add(const char *aclname, char *ipblock); > void access_add(int type, int numargs, const char **arg); > void acl_free(void); > > Modified: trunk/server/ctype.h > ============================================================================== > --- trunk/server/ctype.h (original) > +++ trunk/server/ctype.h Sat Jan...

...psd configuration file # # This file contains access control data, you should keep it secure. # # It should only be readable by the user that upsd becomes. See the FAQ. # ======================================================================= # Access Control Lists (ACLs) # # ACL <name> <ipblock> # ACL myhost 10.0.0.1/32 # # ACCEPT <aclname> [<aclname>...] # REJECT <aclname> [<aclname>...] # # Define lists of hosts or networks with ACL definitions. # # ACCEPT and REJECT use ACL definitions to control whether a host is # allowed to connect to upsd. # # This defaul...

...eck(const char *aclname, const struct sockaddr_in *addr); > -int access_check(const struct sockaddr_in *addr); > +int acl_check(const char *aclname, const struct sockaddr_storage *addr); > +int access_check(const struct sockaddr_storage *addr); > void acl_add(const char *aclname, char *ipblock); > void access_add(int type, int numargs, const char **arg); > void acl_free(void); > > Modified: trunk/server/ctype.h > ============================================================================== > --- trunk/server/ctype.h (original) > +++ trunk/server/ctype.h Fri Jan...