The Community Forums


Block IPs / Hosts

Discussion in 'General Discussion' started by iceman-x, Nov 24, 2005.

  1. iceman-x

    Hey!

    Just wondering what is the easy way to block many IPs/hosts, around 6k at once.
    Is it possible to import them to apf, or is there another tool out there to do that? (Exim?)

    And I need to update it about once a month.

    Sorry for my lack of English. ;)

    Regards, ice
     
  2. chirpy

    Doing so with 6000 IP addresses is a very bad idea. If you did it with iptables you could render your server effectively unbootable; if you did it with exim you can drive email to a crawl or make it completely unusable. Blocking such a large number of IP addresses really should not be necessary. If it is for you, then you are better off looking at putting a dedicated hardware firewall in front of your server rather than trying to do it in software.
     
  3. iceman-x

    OK. It is not possible to add a new firewall in front. I just rent a dedicated server.
    Would it work to add them to iptables then? Or would that screw up the server load?
     
  4. fikse

    You really don't want to try it.... unless you have many of them on the same subnet, maybe you can block large blocks of IPs at once....
     
  5. bhd

    My guess is you want to block a specific country? That can be done with iptables provided you do it with CIDRs and not discrete IPs.

    For example, just these two single lines would block over 8,000,000 Chinese IPs:

    59.192.0.0/10
    61.128.0.0/10

    There are several sites that allow you to look up a list of CIDRs for an entire country. Here's one. The generated list can be pasted directly into the deny_hosts file in apf.

    Like someone else said, just be sure that the TOTAL number of IPs/blocks is not too large. To be safe, not more than about 500 is my guess. More than that will see you having to ask your data center to fix your server.

    Also remember that if you are using bfd etc., apf is adding more IPs on a daily basis. You need to check how many iptables rules you have and do a cleanup every now and again by removing IPs if the number gets too big.

    To see how many rules you have: /sbin/iptables -L | wc -l
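
Added example, not part of the thread or any poster's code: a Python sketch of the aggregation fikse and bhd describe, first merging a raw IP list into exact CIDRs, then optionally denying a whole subnet when enough listed addresses fall inside it, and reporting how many unlisted addresses that also blocks. The function names, the /24 granularity, the `min_hits=8` threshold and the sample list are assumptions made for illustration; IPv4 only.

```python
import ipaddress
from collections import defaultdict

MAX_RULES = 500  # rule budget guessed at in the post above

# Constructed sample: the two /10 blocks quoted in the post plus made-up
# single addresses from the documentation ranges (RFC 5737).
SAMPLE = ["59.192.0.0/10", "61.128.0.0/10", "192.0.2.77  # lone host",
          "198.51.100.4", "198.51.100.5", ""]
SAMPLE += [f"203.0.113.{i}" for i in range(1, 11)]

def parse(lines):
    """Yield IPv4 networks from address/CIDR lines; skip blanks and # comments."""
    for line in lines:
        entry = line.split("#", 1)[0].strip()
        if entry:
            # strict=False normalises host bits, e.g. 10.1.2.3/24 -> 10.1.2.0/24
            yield ipaddress.ip_network(entry, strict=False)

def aggregate(lines, subnet_prefix=24, min_hits=8):
    """Return (deny_list, overblocked): networks to deny, extra addresses hit.

    Exact step: merge adjacent and overlapping entries, blocking nothing extra.
    Lossy step: a /subnet_prefix holding at least min_hits listed addresses is
    denied whole, trading some over-blocking for fewer rules.
    """
    exact = list(ipaddress.collapse_addresses(parse(lines)))
    listed = sum(n.num_addresses for n in exact)
    hits = defaultdict(int)
    for net in exact:
        if net.prefixlen >= subnet_prefix:
            hits[net.supernet(new_prefix=subnet_prefix)] += net.num_addresses
    widened = {parent for parent, count in hits.items() if count >= min_hits}
    kept = [n for n in exact if n.prefixlen < subnet_prefix
            or n.supernet(new_prefix=subnet_prefix) not in widened]
    deny = list(ipaddress.collapse_addresses(kept + sorted(widened)))
    return deny, sum(n.num_addresses for n in deny) - listed

if __name__ == "__main__":
    deny, extra = aggregate(SAMPLE)
    print("\n".join(str(n) for n in deny))  # one CIDR per line
    print(f"# {len(deny)} entries (budget {MAX_RULES}), {extra} unlisted addresses also blocked")
```

Raising `min_hits` above 256 disables the lossy step for /24s, so the output then covers exactly the listed addresses.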
     
  6. AndyReed

    Using APF to block such a massive number of IPs is not the best solution. Read this thread to see for yourself: http://forums.cpanel.net/showthread.php?t=46066
     
  7. iceman-x

    That I know. Was just wondering. ;)

    I have now done it another way around. I am using a PHP script to block the IPs, and a redirect when blocked. The only case now is that I have to add the script to every site. Starting with one site and we'll see how it works.

    Thanks for the help anyway.

    Btw, found this netfilter, has anyone tested it out? netfilter.org

    Regards, ice
     