Hi
I found a solution for blocking the iprange.
Check this link:
http://centoshacker.com/kabir/security/ ... -rule.html
Change the script to:
_____________________________________________________________________________________________
#!/bin/sh
# Filename: blockip.sh
# Purpose: blocks all IP address/network found in a text file
# The text file must have one IP address or network per line
#################################################################
# Change the following path/filename to match yours
IP_LIST_FILE=/etc/blockip.txt
#################################################################
# Don't change anything below unless you are a smarty pant!
#################################################################
IPTABLES=/usr/sbin/iptables
# Get the IP address/network from the file and ignore any line starting with # (comments)
BAD_IP_ADDR_LIST=$(grep -Ev "^#" "$IP_LIST_FILE")
# Now loop through the IP address/network list and ban them using iptables
for i in $BAD_IP_ADDR_LIST
do
    echo -n "Blocking $i ...";
    # Drop forwarded traffic coming from, and going to, the listed address
    $IPTABLES -I FORWARD -s "$i" -j DROP
    $IPTABLES -I FORWARD -d "$i" -j DROP
    echo "DONE.";
done
##################################################################
# END OF SCRIPT - NOTHING TO SEE HERE - THAT'S ALL FOLKS!
##################################################################
____________________________________________________________________________________________________
create file blockip.txt,
format file blockip.txt:
19
X.10
X.8.0/
X1
224.33.44.45
----------------------------------------------
example format 222.111.33.0 - 222.111.33.7 not working
copy script blockip.sh and file blockip.txt to Brazilfw:
Step:
1. cd /
2. mt
3. cd /etc, create (use editor) or copy or wget these files to /etc (you have a big blockip.txt, > 4000 entries --> better upload to http://myserver.xx or homepage; download with wget http://myserver.xx/blockip.sh, wget http://myserver.xx/blockip.txt to Brazilfw /etc.)
4. chown root.root blockip.sh, chown root.root blockip.txt ,chmod 750 blockip.sh , chmod 644 blockip.txt
5. cd /
6. umt
7. cat /etc/rc.d/rc.local, entry: sh /etc/blockip.sh
8. save, run Webadmin or menu: Backup
9. Reboot Brazilfw,....... see bootscreen,
"Blocking 19
X.10
X.8.0/
X1 DONE."
"Blocking 224.33.44.45 DONE."
10. run top , --check cpu and mem
10. testing / see Webadmin: diagnostics -> active Firewallrule or console, run: iptables -L -n
pkts bytes target prot opt in out source destination
9 540 DROP all -- * * 0.0.0.0/0 19
X.10
X.8.0/
X1
block function work
11. no blocking ip or Country, blockip.txt paste: #
#19
X.10
X.8.0/
X1
224.33.44.45
you have problem with countries
see link for ip:
http://www.ipdeny.com/
http://www.countryipblocks.net/country- ... t-formats/
http://software77.net/geo-ip/
http://www.iblocklist.com/lists.php
http://www.malware.com.br/lists.shtml
X delete Number
also works with: dnsmasq, entry banner_add_hosts / create banner_add_hosts under /etc
okay; her bad boys
Greetings from Görlitz - Germany
Last edited by Flex on Mon Feb 14, 2011 2:03 pm, edited 4 times in total.
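
Added example, not part of the original post: a dry-run check for blockip.txt that prints the rules instead of applying them, and handles the `222.111.33.0 - 222.111.33.7` range format the post reports as not working. It assumes the firewall's iptables build includes the `iprange` match module; the function names and the sample list are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): dry-run validator for blockip.txt.
# It prints the iptables commands instead of executing them.
# Assumption: the iptables build ships the "iprange" match module.
OCTET='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'
IP="$OCTET\\.$OCTET\\.$OCTET\\.$OCTET"

# classify_entry ENTRY -> prints "addr" (IP or CIDR), "range" or "invalid"
classify_entry() {
    if printf '%s\n' "$1" | grep -Eq "^$IP(/(3[0-2]|[12]?[0-9]))?$"; then
        echo addr
    elif printf '%s\n' "$1" | grep -Eq "^$IP-$IP$"; then
        echo range
    else
        echo invalid
    fi
}

# build_rules FILE -> prints a pair of FORWARD rules per valid entry and a
# "# SKIPPED" line for anything that is not an IP, a CIDR or a range.
build_rules() {
    # Read line by line: "for i in $(...)" splits "a - b" into three words.
    while IFS= read -r line || [ -n "$line" ]; do
        entry=$(printf '%s\n' "$line" | sed 's/#.*//' | tr -d ' \t\r')
        [ -z "$entry" ] && continue
        case $(classify_entry "$entry") in
            addr)
                echo "iptables -I FORWARD -s $entry -j DROP"
                echo "iptables -I FORWARD -d $entry -j DROP" ;;
            range)
                echo "iptables -I FORWARD -m iprange --src-range $entry -j DROP"
                echo "iptables -I FORWARD -m iprange --dst-range $entry -j DROP" ;;
            *)
                echo "# SKIPPED invalid entry: $entry" ;;
        esac
    done < "$1"
}

# Constructed sample list; the first and third entries are the ones in the post.
sample_list() {
    cat <<'EOF'
# comment line
224.33.44.45
198.51.100.0/24
222.111.33.0 - 222.111.33.7
203.0.113.999
EOF
}
```

Running `sample_list > /tmp/blockip.txt; build_rules /tmp/blockip.txt` shows which lines would become rules and which would be skipped, before anything is added to rc.local.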