--
[ Picked text/plain from multipart/alternative ]
Here's something I run on my linux server to block IP addresses.
#!/bin/sh
#
# Firewall Rules - This section provides a front end to pre-filter
# traffic coming in.
# The idea is that this can filter hackers from known IP address
# and filter packets before they even atempt to talk to services
# --- Clear the Tables
iptables -v -F INPUT
# --- Filter Hackers
# The file /etc/ipblocked contains a list of IP addresses that are blocked
# on this system. These are IPs of people who have tried to hack us.
if [ -f /etc/ipblocked ]; then
for i in $( cat /etc/ipblocked ); do
iptables -v -A INPUT -s $i -j DROP
done
fi
ipblocked file looks like this:
147.32.109.5
200.61.75.149
217.10.192.19/24
193.85.2.87
Dave C. wrote:
>On Wed, 12 Jun 2002, Juha Saarinen wrote:
>
>
>
>>As any MTA operator will quickly notice, relay testing by spammers is a
>>common occurrence. Worse, many of the idiots doing the testing ignore the
>>"Relay not permitted" and carry on testing, over and over again.
>>
>>
>
>1. Contact the idiots' ISP and tell them they have spammers on their
>networks. Worse yet, they have DUMB spammers who are too stupid to
>realize their relays are failing.
>
>2. If it continues, get your router admin to put an IP level block in to
>prevent all traffic from the relevant IP's..
>
>
>
>>I'd like to deny SMTP connections to certain hosts and IP blocks, and was
>>wondering what is the best way of doing it with Exim 4. I can do it quite
>>easily with an ACL on the router, but would prefer to maintain a file with
>>host IP address and ranges for the MTA instead.
>>
>>
>
>You can reference such a file from within an ACL.
>
>
>
>>Thought host_reject_connection would be the way to go, initially, but
>>the Spec says it's better to reject at a later stage. What's the reasoning
>>for this?
>>
>>
>
>Some hosts are braindead and will keep trying over and over. Of course,
>some will keep trying regardless of where you reject.
>
>
>--
>
>## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>
>
>
--