1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

CSF firewall, how can I block an IP range?

Discussion in 'General Discussion' started by jols, Dec 20, 2006.

  1. jols

    jols Active Member

    Joined:
    Mar 13, 2004
    Messages:
    1,098
    Likes Received:
    2
    Trophy Points:
    38
    Problem is, I need to block a range for an entire country, i.e. every IP starting with 85, 86 or 88.

    Anyone know what I can put in the csf.deny file for this?
     
  2. mickalo

    mickalo Member

    Joined:
    Apr 16, 2002
    Messages:
    761
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    N.W. Iowa
    I believe you can find the CIDR/Netmask IP range at http://www.dnsstuff.com/

    Mickalo
     
  3. jols

    jols Active Member

    Joined:
    Mar 13, 2004
    Messages:
    1,098
    Likes Received:
    2
    Trophy Points:
    38
    Okay, thanks for the help!
     
  4. procam

    procam Member

    Joined:
    Nov 24, 2003
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    16
    How can I block a list of ip ranges with csf ?

    I want to step this question up ~ I am really fed up with china/korea spam so I assembled a list of all their ip space

    How can I add all of this to csf firewall to block it all quickly and easily ?
    Thats not the complete list It was too big to post but thats the general idea of what I want to block.
     
  5. procam

    procam Member

    Joined:
    Nov 24, 2003
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    16

    I already have all of it blocked for spam via the mailscanner blacklist - but I want all traffic to that specific server from china/korea blocked completely ~
     
  6. RandyO

    RandyO Member

    Joined:
    Jun 17, 2003
    Messages:
    177
    Likes Received:
    0
    Trophy Points:
    16
    You are not alone for sure, but so far that list is so long that it can bog your system down. There is also no real good RBL that is all inclusive of the korean/chinese ip list.

    I have run the full list myself and yes spam does drop DRAMATICALLY but loads on server are compromised now by the list instead of the spam...
     
  7. jayh38

    jayh38 Active Member

    Joined:
    Mar 3, 2006
    Messages:
    1,215
    Likes Received:
    0
    Trophy Points:
    36
    Do some research on mod geoip. I have this installed on many servers for developers
    to use for ads targeting but it seems very versitle for other things as well.
     
  8. ckh

    ckh Member

    Joined:
    Dec 6, 2003
    Messages:
    356
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Phoenix, AZ
    You probably already have some blacklists listed in your exim configuration. Here's what I have in mine and it's cut down the spam dramatically. Just make sure that the countries I have listed aren't ones that you or your clients are doing business with:

    dnslists = sbl-xbl.spamhaus.org : ar.countries.nerd.dk : br.countries.nerd.dk : cn.countries.nerd.dk : kr.countries.nerd.dk : pl.countries.nerd.dk : tr.countries.nerd.dk : tw.countries.nerd.dk : vn.countries.nerd.dk

    ar = Argentina
    br = Brazil
    cn = China
    kr = Korea
    pl = Poland
    tr = Turkey
    tw = Taiwan
    vn = Vietnam


    Chris
     

Share This Page