* Originally in BINKD
* Crossposted in INTERNET
* Crossposted in TCPIP
Hi Brian,
On 2021-05-11 11:11:00, you wrote to Dumas Walker:
How would you format it if you want to drop a whole range or block of
IP addresses?
I made a utilty for myself which I call "ipblock". It handles whatever string I wish to enter whether it's IPv4 or IPv6, a single IP or a block. It writes to a file called /etc/blocked.ips which is then called upon bootup as part of my firewalling. In doing a whole block enter in the cidr shorthand. Ex:
/sbin/iptables -I INPUT -s 49.7.0.0/16 -j ROP
/sbin/iptables -I OUTPUT -d 49.7.0.0/16 -j DROP
/sbin/iptables -I FORWARD -s 49.7.0.0/16 -j DROP
This filters a scanbot block from my box. :)
Further questions, feel free to netmail me as this really isn't Bink information. I'll be happy to try and answer.
Or take it to the INTERNET and/or TCPIP areas, so we can all learn! ;)
You can also add logging and such if you desire. I don't feel that if
I'm denying a block that I need to see my work did the job I
programmed it to do though.
Bye, Wilfred.
--- FMail-lnx64 2.1.0.18-B20170815
* Origin: FMail development HQ (2:280/464)
Web-based telnet client
IRC
Email & news access