+ Reply to Thread
Results 1 to 4 of 4
  1. September 5th, 2005 05:15 PM #1
    hesperus
    hesperus is offline
    Senior Member hesperus hesperus hesperus hesperus hesperus hesperus hesperus hesperus hesperus hesperus hesperus hesperus's Avatar
    Join Date
    Jan 2005
    Posts
    416

    Rules For Firewalls, Or How To Ban A Continent

    Couldn't find this posted, so here goes. Feel the power of banning a continent.

    Rules For Firewalls

    These rules are generated from RIPE LISTS, APNIC LISTS, LACNIC LISTS and ARIN LISTS.
    Therefore IP address ranges of these countries [that] are not listed in mentioned LISTS cannot [be] list[ed] [in the rules] below.
    As a consequence, note that [. . .] these lists cannot deny all IP-addresses of the above-mentioned countries.
    But I think if use this, in almost cases, you can completely deny direct accesses from these countries.

    These files are automatically updated around 6 p.m. GMT (7 p.m. CET, 2 a.m. HK/SIN) everyday.
    [edited for sense -- Japanese site]

    http://www.dayomon.net/fw/
    .
    Reply With Quote Reply With Quote
  2. September 5th, 2005 07:19 PM #2
    576869746568617
    576869746568617 is offline
    Yes, that's my CC number! 576869746568617 has much to be proud of 576869746568617 has much to be proud of 576869746568617 has much to be proud of 576869746568617 has much to be proud of 576869746568617 has much to be proud of 576869746568617 has much to be proud of 576869746568617 has much to be proud of 576869746568617 has much to be proud of 576869746568617 has much to be proud of 576869746568617's Avatar
    Join Date
    Dec 2003
    Location
    Earth
    Posts
    397
    Interesting...

    know any ways to ban a bump troll?
    Windows 9x: n. A collection of 32 bit extensions and a graphical shell for a 16 bit patch to an 8 bit operating system originally coded for a 4 bit microprocessor. Written by a 2 bit company that can\'t stand 1 bit of competition.

    Reply With Quote Reply With Quote
  3. September 5th, 2005 09:35 PM #3
    Godsrock37
    Godsrock37 is offline
    Senior Member Godsrock37 is a jewel in the rough Godsrock37 is a jewel in the rough Godsrock37 is a jewel in the rough Godsrock37 is a jewel in the rough Godsrock37's Avatar
    Join Date
    Jan 2005
    Location
    PA
    Posts
    121
    what do these lines mean?

    iptables -A INPUT -i ppp0 -p all -s 58.14.0.0/15 -j DROP
    iptables -A INPUT -i ppp0 -p all -s 58.16.0.0/16 -j DROP
    iptables -A INPUT -i ppp0 -p all -s 58.17.0.0/17 -j DROP
    iptables -A INPUT -i ppp0 -p all -s 58.17.128.0/17 -j DROP

    i can identify the ip address and im assuming DROP is telling the system to drop the packet but aside from that im lost


    Godsrock37
    Reply With Quote Reply With Quote
  4. September 6th, 2005 02:02 PM #4
    kr5kernel
    kr5kernel is offline
    Senior Member kr5kernel has much to be proud of kr5kernel has much to be proud of kr5kernel has much to be proud of kr5kernel has much to be proud of kr5kernel has much to be proud of kr5kernel has much to be proud of kr5kernel has much to be proud of kr5kernel's Avatar
    Join Date
    Mar 2004
    Posts
    347
    -i is the interface, ppp0 means its a modem,
    -p all means all protocols (tcp, udp)
    -A is the chain, this means all packets coming into the machine
    -s is the source ip address from which those packets come,
    -j tells it waht to do if this rule is true (DROP,REJECT,ACCEPT)

    check out 'man iptables' for more details.
    kr5kernel
    (kr5kernel at hotmail dot com)
    Linux: Making Penguins Cool Since 1994.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides