search for: netblock

...1 @@ xfree(patterns); goto next_option; } + +/* e.g: permitopenned="158.156.0.0/255.255.255.0:25[-1024]" + * note that part between [] is optionnal for 1 port specification + */ + cp = "permitopennet=\""; + if (strncasecmp(opts, cp, strlen(cp)) == 0) { + char netblock[256], netmask[256], + sporta[6], sportb[6]; + u_short porta, portb; + + char *patterns = xmalloc(strlen(opts) + 1); + netblock[0] = netmask[0] = sporta[0] = sportb[0] = 0; + porta = portb = 0; + + opts += strlen(cp); + i = 0; + while (*opts) { + if (*opts == '"') +...

...Everyone, We rent a CentOS 7 VM from GoDaddy. We received a warning about excessive cpu usage, and a threat to cancel our service. We tracked it down to Apache and someone hammering our web server. The offending host is 59.64.129.175. To err on the side of caution we attempted to block the entire netblock. According to whois data, that's 59.64.128.0-59.64.159.255. iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROP After reboot cpu usage is still high and access_log still shows useless requests from the host: 59.64.129.175 - - [19/Apr/2020:08:53:53 -0400] "GET /w/index.php?tit...

I am trying shorewall as my previous post With alisias on eth1 loc and 4 pptp client vpns. The odd thing is when I enter one of the vpns in interfaces such as vpn1 it works. But if I enter the vpn in the hosts file shorewall blocks the vpns. shorewall/hosts #ZONE HOST(S) OPTIONS loc eth1:192.168.25.0/24 loctw eth1:192.168.50.0/24 locsa eth1:192.168.75.0/24 vpntw

...tOS 7 VM from GoDaddy. We received a warning about > excessive cpu usage, and a threat to cancel our service. We tracked it > down to Apache and someone hammering our web server. > > The offending host is 59.64.129.175. To err on the side of caution we > attempted to block the entire netblock. According to whois data, > that's 59.64.128.0-59.64.159.255. > > iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROP > > After reboot cpu usage is still high and access_log still shows > useless requests from the host: > > 59.64.129.175 - - [19/Apr/2020:08:53:53...

On 19/04/2020 14:58, Jeffrey Walton wrote: Hi Jeffrey, > The offending host is 59.64.129.175. To err on the side of caution we > attempted to block the entire netblock. According to whois data, > that's 59.64.128.0-59.64.159.255. > > iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROP > > After reboot cpu usage is still high and access_log still shows > useless requests from the host: Did you actually arrange for your iptables rule to...

...2020 at 9:26 AM Anand Buddhdev <anandb at ripe.net> wrote: > > > > On 19/04/2020 14:58, Jeffrey Walton wrote: > > > > Hi Jeffrey, > > > > > The offending host is 59.64.129.175. To err on the side of caution we > > > attempted to block the entire netblock. According to whois data, > > > that's 59.64.128.0-59.64.159.255. > > > > > > iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROP > > > > > > After reboot cpu usage is still high and access_log still shows > > > useless requests from the...

On Sun, Apr 19, 2020 at 9:40 AM Mike <1100100 at gmail.com> wrote: > > Thought it might also be helpful to confirm that firewalld is not > interfering in any way. > > what is the output of ~$# systemctl status firewalld Thanks Mike. # systemctl status firewalld Unit firewalld.service could not be found. Jeff

...those of you that use ORBS, you'll find it is blacklisted now. There is no mention of it on the website and it doesn't return a positive when you enter it for testing but it has slipped into the ORBS blacklist somewhere. Samba.org admins may wish to force all ns1 outbound email via another netblock, bringing it up to ORBS only seems to get more of your netblock blacklisted. In the meantime, those of you who mysteriously don't get emails from samba lists may magically get them again after you grant explicit access to ns1.samba.org [203.17.0.92]. -d -- "The difference between 'i...

On Sun, Apr 19, 2020 at 9:26 AM Anand Buddhdev <anandb at ripe.net> wrote: > > On 19/04/2020 14:58, Jeffrey Walton wrote: > > Hi Jeffrey, > > > The offending host is 59.64.129.175. To err on the side of caution we > > attempted to block the entire netblock. According to whois data, > > that's 59.64.128.0-59.64.159.255. > > > > iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROP > > > > After reboot cpu usage is still high and access_log still shows > > useless requests from the host: > > Did you actual...

CentOS-6.6 We have a host that has multiple IPv4 addresses aliased to eth0. The primary address is 216.185.71.x and the alias is 192.168.6.x. This host connects to devices on both netblocks without problems. Only default routing is used and it looks like this: #ip route 192.168.6.0/24 dev eth0 proto kernel scope link src 192.168.6.x 216.185.71.0/24 dev eth0 proto kernel scope link src 216.185.71.x 169.254.0.0/16 dev eth0 scope link metric 1002 default via 192.168.6.1 dev et...

On 19/04/2020 15:30, Jeffrey Walton wrote: > Ugh, thanks. I did not realize the changes were only temporary. > > What is the recommended way to permanently add a ban rule? On CentOS 7, the default firewall is "firewalld", and you can configure it with "firewall-cmd". You can use it to add temporary or permanent rules. You can read the man page of that to learn how

...e mounting procedures, which is where the mystery comes into view for the uninitiated <so don't follow it for production just yet, it's under construction for eventual use by the Wiki if we can answer some questions>: Install Centos 5 during install make a filesystem called /drbd-netblock and give it 1GB and it shows up as /dev/sda7 yum install drbd kmod-drbd edit /etc/grub.conf to allow boot of the drbd kernel 2.6.18-8.1.6.el5 #1 SMP reboot, the proper kernel should now be up. modprobe drbd umount /drbd-netblock filesystem so drbd can use it: umount /drbd-netblock edit /etc/...

I am contemplating converting some of our internal networks from routable to private IPv4 address space. I have a question about RIP as implemented under Cisco IOS 12.x. Presently the setting for rip is: router rip version 2 passive-interface [[FastEthernet]]0/0 network aaa.bbb.ccc.0 no auto-summary What I would like to know is how one routes the entire 192.168/16 address space using rip.

Hi, I have a question. I have a routeable /24 netblock including a server at a colocation and I would like to use tincd to tunnel part of that netblock to an internal network on another location being connected to the internet via gateway with DSL link and a single static IP address, so I can use public routable IP addresses on the local network. I ha...

...sts that have no corresponding sshd activity logged at all. This morning (in reviewing the logs from yesterday), I found a set of 580 such setup requests logged from Mar 20 19:30:06 - Mar 20 19:40:06 (US/Pacific; currently 7 hrs. west of GMT/UTC), each from 204.11.235.148 (part of a VAULT-NETWORKS netblock). The sshd on the internal machine never logged anything corresponding to any of this. I cannot imagine any valid reason for SSH traffic to my home to be originating from that netblock. I perceive nothing comforting in the lack of sshd logging the apparent activity. Lacking rationale to do othe...

Robin Lynn Frank wrote: > I have an entire /8 blacklisted. The problem is there is a single IP in > it I want to exempt from this. Searching the web site, I note there > used to be (circa version 1.3) a whitelist feature, but I couldn''t find > a simple solution to what I want to do. > > What would be the bes/easiest way to accomplish this? I can''t think of a

...r, the IPv4 address it obtains and the gateway it is assigned are both sourced from the virtual machine host system and not from our AD DC DHCP server. To clarify, the virbr0 IP address is 192.168.122.1 and the Windows guest has that address as its gateway and an IP address in the 192.168.122.0/24 netblock. This is not as we desire as the internal addresses we regularly assign to MS workstations via DHCP are supposed to belong to a different netblock entirely. This permit filtering on incoming and outgoing traffic at the gateway. I realize that there is a DHCP service running on virbr0 for the pur...

Sub:[LARTC] cbq init for one port on a subnet Hello, We use cbq.init to limit bandwidth. It works great on a per-user basis. Now I''d like to limit traffic from a netblock to the Internet on port 6699. Network is 192.168.0.160 mask 255.255.255.224 eth0 is the gateway eth1 connects the netblock in question Is this the proper syntax; DEVICE=eth0,10Mbit,1Mbit RATE=100Kbit WEIGHT=10Kbit PRIO=5 RULE=6699 192.168.0.160/27, Thanks! Scott Hi! Scott, Your Config. fil...

...ndly > I have laptops coming and going as well that must be able to monitor. > > Is there a way to use our DNS server's host file? or > Is there a way to only define a network IP range such as 172.16.20. and > ommit host names? >From 'man upsd.conf': ACL name netblock Define an Access Control List (ACL) called name that contains the network netblock. The netblock can be either the old style, such as this for a traditional "class C": ACL mynet 192.168.50.0/255.255.255.0 Or, you can use new$B!>(Bstyle...

I've been having some odd problems with samba and it's libsmb/nmblib parts. It seems to be trying to transmit data to the .63 of my netblock, i.e. the IP of the machine would be 24.240.60.20, it'd be trying to transmit to 24.240.60.63. I've changed IPs about 15 times since, and it does it to each different block I change to. If the IP of the local machine got changed to 24.241.122.13, it'd be attempting to send to 24.241.1...