Rules For Firewalls, Or How To Ban A Continent
Results 1 to 4 of 4

Thread: Rules For Firewalls, Or How To Ban A Continent

  1. #1
    Senior Member hesperus's Avatar
    Join Date
    Jan 2005
    Posts
    416

    Rules For Firewalls, Or How To Ban A Continent

    Couldn't find this posted, so here goes. Feel the power of banning a continent.

    Rules For Firewalls

    These rules are generated from RIPE LISTS, APNIC LISTS, LACNIC LISTS and ARIN LISTS.
    Therefore IP address ranges of these countries [that] are not listed in mentioned LISTS cannot [be] list[ed] [in the rules] below.
    As a consequence, note that [. . .] these lists cannot deny all IP-addresses of the above-mentioned countries.
    But I think if use this, in almost cases, you can completely deny direct accesses from these countries.

    These files are automatically updated around 6 p.m. GMT (7 p.m. CET, 2 a.m. HK/SIN) everyday.
    [edited for sense -- Japanese site]

    http://www.dayomon.net/fw/
    .

  2. #2
    Yes, that's my CC number! 576869746568617's Avatar
    Join Date
    Dec 2003
    Location
    Earth
    Posts
    397
    Interesting...

    know any ways to ban a bump troll?
    Windows 9x: n. A collection of 32 bit extensions and a graphical shell for a 16 bit patch to an 8 bit operating system originally coded for a 4 bit microprocessor. Written by a 2 bit company that can\'t stand 1 bit of competition.


  3. #3
    Senior Member Godsrock37's Avatar
    Join Date
    Jan 2005
    Location
    PA
    Posts
    121
    what do these lines mean?

    iptables -A INPUT -i ppp0 -p all -s 58.14.0.0/15 -j DROP
    iptables -A INPUT -i ppp0 -p all -s 58.16.0.0/16 -j DROP
    iptables -A INPUT -i ppp0 -p all -s 58.17.0.0/17 -j DROP
    iptables -A INPUT -i ppp0 -p all -s 58.17.128.0/17 -j DROP

    i can identify the ip address and im assuming DROP is telling the system to drop the packet but aside from that im lost


    Godsrock37

  4. #4
    Senior Member kr5kernel's Avatar
    Join Date
    Mar 2004
    Posts
    347
    -i is the interface, ppp0 means its a modem,
    -p all means all protocols (tcp, udp)
    -A is the chain, this means all packets coming into the machine
    -s is the source ip address from which those packets come,
    -j tells it waht to do if this rule is true (DROP,REJECT,ACCEPT)

    check out 'man iptables' for more details.
    kr5kernel
    (kr5kernel at hotmail dot com)
    Linux: Making Penguins Cool Since 1994.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides