search for: ipdeny

Displaying 14 results from an estimated 14 matches for "ipdeny".

Did you mean: indent
2019 Jan 14
3
CentOS 6.X, iptables 1.47 and GeoLite2 Country Database
Hi Specs in subject line: CentOS 6.X all latest patches), iptables 1.47, Apache2.2 I use the Geolite legacy databases together with iptables 1.47 to filter traffic for a variety of ports and only allow .AU traffic to have access. Maxmind (https://dev.maxmind.com/geoip/geoip2/geolite2/) changed the default DB to the latest version which is GeoLite2, this leaves all users in need of the old
2019 Jan 15
2
CentOS 6.X, iptables 1.47 and GeoLite2 Country Database
On Mon, Jan 14, 2019 at 07:29:45AM +0000, Phil Perry (pperry at elrepo.org) wrote: > On 14/01/2019 07:09, Jobst Schmalenbach wrote: > > Hi > I use ipdeny's aggregated country lists to do the same thing: > > http://www.ipdeny.com/ipblocks/data/aggregated/ > > I just feed this data directly into ipset/iptables via a script running on > my firewall (not a C6 box). ipset is a really efficient way of doing this. Do you create a sep...
2019 Jan 15
0
CentOS 6.X, iptables 1.47 and GeoLite2 Country Database
On 15/01/2019 01:29, Jobst Schmalenbach wrote: > > On Mon, Jan 14, 2019 at 07:29:45AM +0000, Phil Perry (pperry at elrepo.org) wrote: >> On 14/01/2019 07:09, Jobst Schmalenbach wrote: >>> Hi >> I use ipdeny's aggregated country lists to do the same thing: >> >> http://www.ipdeny.com/ipblocks/data/aggregated/ >> >> I just feed this data directly into ipset/iptables via a script running on >> my firewall (not a C6 box). ipset is a really efficient way of doing this. &gt...
2019 Jan 14
0
CentOS 6.X, iptables 1.47 and GeoLite2 Country Database
...09, Jobst Schmalenbach wrote: > Hi > > Specs in subject line: CentOS 6.X all latest patches), iptables 1.47, Apache2.2 > > I use the Geolite legacy databases together with iptables 1.47 to filter traffic for a variety of ports and only allow .AU traffic to have access. > I use ipdeny's aggregated country lists to do the same thing: http://www.ipdeny.com/ipblocks/data/aggregated/ I just feed this data directly into ipset/iptables via a script running on my firewall (not a C6 box). ipset is a really efficient way of doing this. > Maxmind (https://dev.maxmind.com/geoip...
2015 Mar 05
1
RBL with stock Dovecot 2.2.15 (was Re: IP drop list)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Steffen Kaiser wrote: > passdb { driver = ipdeny args = <host>/matchpattern/action .... > *** } > With next passdb{} as 1st in chain: passdb { driver = checkpassword args = "/tmp/chktst ip=%r service=%s" result_success = continue result_failure = return-fail } and this script BEGIN /tmp/chktst #!/bin/bash echo &...
2019 Jan 16
1
CentOS 6.X, iptables 1.47 and GeoLite2 Country Database
...lso wanted to go the "other way": disallow everything but 2 countries (AU,NZ). There are even more conflicting ideas about how to do this, but I figured it out. Also I cannot see a difference in speed between using (maxmind) -A filter_countries -m geoip --src-cc AU,NZ -j ACCEPT and (ipdeny) -A filter_countries -m set --set au.geoblock src -j ACCEPT which is really good! Jobst -- The future isn't what it used to be (it never was). | |0| | Jobst Schmalenbach, General Manager | | |0| Barrett & Sales Essentials |0|0|0| +61 3 9533 0000, POBox 277, Caulfield...
2014 Apr 11
1
SIP fraud IP blacklist
...use it. The list is yet pretty short but for me, it has reduced the noise on my PBX from 20-30 attacks per day to about 2 or 3 per week, especially after most of the Palestinian networks ended up on the list. You're free to use the list - own your own responsibility and risk. It's in the ipdeny.com format, so a simple script can be used to CURL the list and create iptables rules from it. A sample script for something like that is also on my website (check the Linux section). That's the website for the list: http://stefan.gofferje.net/it-stuff/sipfraud/sip-attacker-blacklist And that...
2015 Mar 02
3
IP drop list
On 03/02/2015 02:38 AM, Oliver Welter wrote: > Guys, dovecot is open source - if you desire a feature that the upstream > programmer did not include, pay him a bounty to do so or send him a > patch to be included. Period. We can discuss and mightbe somebody will > fork if he is not willing to accept such a solutuion for any political > reason. > > I am really tired of reading
2010 May 21
1
question about scripts sieves
hello list hello dovecot network hello all the reader here is a sieve script this ######################################## require ["fileinto","regex","comparator-i;ascii-numeric","reject","relational"]; # rule:[spammanage] if header :value "ge" :comparator "i;ascii-numeric" ["X-Spam-score"] ["500"] {
2015 Mar 02
0
IP drop list
...at tcpwrapper is for" :-) http://wiki2.dovecot.org/LoginProcess?highlight=%28tcp+wrapper%29 what had been ruled out by the OP with a conditional *if*. If you for instance add a passdb{} driver, that does not interfere with the remaining code base (much), so one can use: passdb { driver = ipdeny args = <host>/matchpattern/action .... *** } in front of any other passdb{}. *** some sort of notation to configure IP source, matching and reaction. If such plugin(?) is available, I would expect immediate complains, it does not support: + local file lists with various sets of syntaxe...
2012 Jun 05
3
Another IP address to block
Yesterday a customer was attacked from the following IP addresses so add them to your blacklist: iptables -A INPUT -s 37.8.119.75 -j DROP iptables -A INPUT -s 37.8.22.240 -j DROP -- Telecomunicaciones Abiertas de M?xico S.A. de C.V. Carlos Ch?vez Prats Director de Tecnolog?a +52-55-91169161 ext 2001 -------------- next part -------------- A non-text attachment was scrubbed... Name: not
2018 Nov 18
1
[Bug 1301] New: Feature Request - "add set", "add element" - automatically import element members from a file
...ealm.net After working with "named sets", it would be convenient for nft to learn to automatically import the "elements" for a "named set" from an external file, when that list might be very long, as when, for instance, creating a drop rule for addresses provided from ipdeny.com, rather than always needing to use a subsequent command, as for instance "nft add element inet filter drop4 \{ $( tr '\n' ',' < etc/zones.conf.d/cn-aggregated.zone ) \}", in this example. The format might look something like "set <set_name> { ...; elemen...
2015 Jun 08
4
Am I cracked?
Kevin Larsen <kevin.larsen at pioneerballoon.com> schrieb: > Based on SIP packets coming in from IP addresses you don't recognize, > while you may not be hacked, you would seem to have people probing your I think, too, it's someone probing my IP... > system. One thing you can do at the firewall level is restrict inbound sip > communications to only those from your
2024 Jan 30
10
[Bug 1735] New: Adding nftables interval sets progressively gets slower and makes the nft CLI less responsive with each added set
...ment 734 --> https://bugzilla.netfilter.org/attachment.cgi?id=734&action=edit shell script demonstrating the bug The title basically describes the issue. Steps to reproduce the issue: Take an ip list for any country (in most of my tests I've been using the ip list for GB fetched from ipdeny, which currently has 8589 ipv4 ip blocks), measure time taking to load it into a new set, measure time adding the same ip list again in a new set under a new name (without removing the 1st one), repeat n times. Each new iteration takes a little longer. On the OpenWRT installation in VM, 1st iterati...