CSF firewall, how can I block an IP range?

jols · Dec 20, 2006

Problem is, I need to block a range for an entire country, i.e. every IP starting with 85, 86 or 88.

Anyone know what I can put in the csf.deny file for this?

mickalo · Dec 20, 2006

jols said:
Problem is, I need to block a range for an entire country, i.e. every IP starting with 85, 86 or 88.

Anyone know what I can put in the csf.deny file for this?

I believe you can find the CIDR/Netmask IP range at http://www.dnsstuff.com/

Mickalo

jols · Dec 20, 2006

Okay, thanks for the help!

procam · Dec 21, 2006

How can I block a list of ip ranges with csf ?

I want to step this question up ~ I am really fed up with china/korea spam so I assembled a list of all their ip space

How can I add all of this to csf firewall to block it all quickly and easily ?

58.14.0.0/15
58.16.0.0/13
58.24.0.0/15
58.30.0.0/15
58.32.0.0/11
58.66.0.0/15
58.68.128.0/17
58.82.0.0/15
58.87.64.0/18
58.99.128.0/17
58.100.0.0/15
58.116.0.0/14
58.128.0.0/13
58.144.0.0/16
58.154.0.0/15
58.192.0.0/11
58.240.0.0/12
59.32.0.0/11
59.64.0.0/13
59.72.0.0/15
59.77.0.0/16
59.78.0.0/15
59.80.0.0/14
59.107.0.0/16
59.108.0.0/14
59.151.0.0/17
59.155.0.0/16
59.172.0.0/15
59.191.0.0/16
59.192.0.0/10
60.0.0.0/11
60.55.0.0/16
60.63.0.0/16
60.160.0.0/11
60.194.0.0/15
60.200.0.0/13
60.208.0.0/12
60.232.0.0/15
60.235.0.0/16
60.245.128.0/17
60.247.0.0/16
60.252.0.0/16
60.253.128.0/17
60.255.0.0/16
61.8.160.0/20
61.28.0.0/17
61.29.128.0/17
61.45.128.0/18
61.47.128.0/18
61.48.0.0/13
61.87.192.0/18
61.128.0.0/10
61.232.0.0/14
61.236.0.0/15
61.240.0.0/14
121.0.16.0/20
121.4.0.0/15
121.8.0.0/13
121.16.0.0/13
121.24.0.0/14
121.28.0.0/15
121.31.0.0/16
121.32.0.0/13
121.40.0.0/14
121.46.0.0/15
121.48.0.0/15
121.51.0.0/16
121.55.0.0/18
121.56.0.0/15
121.58.0.0/17
121.59.0.0/16
121.60.0.0/14
121.68.0.0/14
121.76.0.0/15
121.89.0.0/16
121.100.128.0/17
121.192.0.0/14
121.201.0.0/16
121.224.0.0/12
121.248.0.0/14
121.255.0.0/16
122.0.64.0/18
122.0.128.0/17
122.4.0.0/14
122.8.0.0/13
122.48.0.0/16
122.49.0.0/18
122.51.0.0/16
122.64.0.0/11
122.96.0.0/15
122.102.0.0/20
122.102.64.0/19
122.192.0.0/14
122.198.0.0/16
122.200.64.0/18
122.204.0.0/14
122.224.0.0/12
122.240.0.0/13
123.0.128.0/18
123.4.0.0/14
123.8.0.0/13
123.49.128.0/17
123.52.0.0/14
123.64.0.0/11
123.96.0.0/15
123.98.0.0/17
123.99.128.0/17
123.101.0.0/16
123.199.128.0/17
124.6.64.0/18
124.16.0.0/15
124.20.0.0/15
124.29.0.0/17
124.40.128.0/18
124.42.0.0/17
124.47.0.0/18
124.64.0.0/15
124.66.0.0/17
124.67.0.0/16
124.68.0.0/14
124.72.0.0/13
124.89.0.0/16
124.90.0.0/15
124.92.0.0/14
124.108.8.0/21
124.108.40.0/21
124.112.0.0/13
124.128.0.0/13
124.147.128.0/17
124.156.0.0/16
124.160.0.0/13
124.172.0.0/14
124.192.0.0/15
124.196.0.0/16
124.200.0.0/13
124.220.0.0/14
124.224.0.0/12
124.240.0.0/17
124.242.0.0/16
124.243.192.0/18
124.248.0.0/17
124.249.0.0/16
124.250.0.0/15
124.254.0.0/18
125.31.192.0/18
125.32.0.0/12
125.58.128.0/17
125.62.0.0/18
125.64.0.0/11
125.96.0.0/15
125.98.0.0/16
125.104.0.0/13
125.112.0.0/12
125.171.0.0/16
125.208.0.0/18
125.210.0.0/16
125.213.0.0/17
125.215.0.0/18
125.216.0.0/13
125.254.128.0/18
134.196.0.0/16
159.226.0.0/16
161.207.0.0/16
162.105.0.0/16
166.111.0.0/16
167.139.0.0/16
168.160.0.0/16
192.83.122.0/24
192.124.154.0/24
192.188.170.0/24
198.17.7.0/24
198.97.132.0/24
202.0.110.0/24
202.0.160.0/20
202.0.176.0/22
202.3.77.0/24
202.4.128.0/19
202.4.252.0/22
202.8.128.0/19
202.10.64.0/20
202.14.88.0/24
202.14.235.0/24
202.14.236.0/23
202.14.238.0/24
202.20.120.0/24
202.22.248.0/21
202.38.0.0/20
202.38.32.0/20
202.38.64.0/18
202.38.128.0/21
202.38.136.0/23
202.38.138.0/24
202.38.140.0/22
202.38.144.0/22
202.38.149.0/24
202.38.150.0/23
202.38.152.0/22
202.38.156.0/24
202.38.158.0/23
202.38.160.0/23
202.38.164.0/22
202.38.168.0/21
202.38.176.0/23
202.38.184.0/21
202.38.192.0/18
202.41.152.0/21
202.41.240.0/20
202.46.32.0/19
202.46.224.0/20
202.60.112.0/20
202.62.248.0/22
202.69.4.0/22
202.69.16.0/20
202.70.0.0/19
202.74.8.0/21
202.75.208.0/20
202.85.208.0/20
202.90.0.0/22
202.90.224.0/20
202.90.252.0/22
202.91.0.0/22
202.91.128.0/22
202.91.176.0/20
202.91.224.0/19
202.92.0.0/22
202.92.252.0/22
202.93.0.0/22
202.93.252.0/22
202.94.0.0/19
202.95.0.0/19
202.95.252.0/22
202.96.0.0/12
202.112.0.0/13
202.120.0.0/15
202.122.0.0/19
202.122.32.0/21
202.122.64.0/19
202.122.112.0/21
202.122.128.0/24
202.123.96.0/20
202.125.176.0/20
202.127.0.0/18
202.127.112.0/20
202.127.128.0/19
202.127.160.0/21
202.127.192.0/18
202.130.0.0/19
202.130.224.0/19
202.131.16.0/21
202.131.48.0/20
202.131.208.0/20
202.136.48.0/20
202.136.208.0/20
202.136.224.0/20
202.136.252.0/22
202.141.160.0/19
202.142.16.0/20
202.143.16.0/20
202.148.96.0/19
202.149.160.0/20
202.149.224.0/19
202.150.16.0/20
202.152.176.0/20
202.153.48.0/20
202.158.160.0/19
202.160.176.0/20
202.164.0.0/20
202.165.96.0/20
202.165.176.0/20
202.165.208.0/20
202.166.192.0/19
202.168.160.0/20
202.170.128.0/19
202.170.216.0/21
202.173.8.0/21
202.173.224.0/19
202.179.240.0/20
202.180.128.0/19
202.181.112.0/20
202.189.80.0/20
202.192.0.0/12
203.79.0.0/20
203.80.144.0/20
203.81.16.0/20
203.83.56.0/21
203.86.0.0/18
203.86.64.0/19
203.87.224.0/19
203.88.0.0/22
203.88.32.0/19
203.88.192.0/19
203.89.0.0/22
203.90.0.0/22
203.90.128.0/18
203.90.192.0/19
203.91.0.0/22
203.91.32.0/19
203.91.96.0/20
203.91.120.0/21
203.92.0.0/22
203.92.160.0/19
203.93.0.0/19
203.94.0.0/18
203.95.0.0/21
203.95.96.0/19
203.99.16.0/20
203.99.80.0/20
203.100.32.0/20
203.100.80.0/20
203.100.96.0/19
203.100.192.0/20
203.110.160.0/19
203.118.192.0/19
203.119.24.0/21
203.119.32.0/22
203.128.32.0/19
203.128.96.0/19
203.128.128.0/19
203.130.32.0/19
203.132.32.0/19
203.134.240.0/21
203.135.96.0/19
203.135.160.0/20
203.148.0.0/18
203.152.64.0/19
203.156.192.0/18
203.158.16.0/21
203.161.192.0/19
203.166.160.0/19
203.171.224.0/20
203.174.96.0/19
203.175.128.0/19
203.175.192.0/18
203.176.168.0/21
203.184.0.0/22
203.184.80.0/20
203.187.160.0/19
203.190.96.0/20
203.191.16.0/20
203.191.64.0/18
203.191.144.0/20
203.192.0.0/19
203.196.0.0/22
203.207.64.0/18
203.207.128.0/17
203.208.0.0/20
203.208.16.0/22
203.208.32.0/19
203.209.224.0/19
203.212.0.0/20
203.212.80.0/20
203.222.192.0/20
203.223.0.0/20
210.2.0.0/19
210.5.0.0/19
210.5.32.0/20
210.5.128.0/19
210.12.0.0/15
210.14.64.0/19
210.14.128.0/17
210.15.0.0/17
210.15.128.0/18
210.16.128.0/18
210.21.0.0/16
210.22.0.0/16
210.23.32.0/19
210.25.0.0/16
210.26.0.0/15
210.28.0.0/14
210.32.0.0/12
210.51.0.0/16
210.52.0.0/15
210.56.192.0/19
210.72.0.0/14
210.76.0.0/15
210.78.0.0/16
210.79.64.0/18
210.79.224.0/19
210.82.0.0/15
210.87.128.0/18
210.185.192.0/18
210.192.96.0/19
210.211.0.0/20
211.64.0.0/13
211.80.0.0/12
211.96.0.0/13
211.136.0.0/13
211.144.0.0/12
211.160.0.0/13
218.0.0.0/11
218.56.0.0/13
218.64.0.0/11
218.96.0.0/14
218.104.0.0/14
218.108.0.0/15
218.192.0.0/12
218.240.0.0/13
218.249.0.0/16
219.72.0.0/16
219.82.0.0/16
219.128.0.0/11
219.216.0.0/13
219.224.0.0/12
219.242.0.0/15
219.244.0.0/14
220.101.192.0/18
220.112.0.0/14
220.152.128.0/17
220.154.0.0/15
220.160.0.0/11
220.192.0.0/12
220.231.0.0/18
220.231.128.0/17
220.232.64.0/18
220.234.0.0/16
220.242.0.0/15
220.248.0.0/14
221.0.0.0/13
221.8.0.0/14
221.12.0.0/17
221.12.128.0/18
221.13.0.0/16
221.14.0.0/15
221.122.0.0/15
221.129.0.0/16
221.130.0.0/15
221.133.224.0/19
221.136.0.0/15
221.172.0.0/14
221.176.0.0/13
221.192.0.0/14
221.196.0.0/15
221.198.0.0/16
221.199.0.0/17
221.199.128.0/18
221.199.192.0/20
221.199.224.0/19
221.200.0.0/13
221.208.0.0/12
221.224.0.0/12
222.16.0.0/12
222.32.0.0/11
222.64.0.0/11
222.125.0.0/16
222.126.128.0/17
222.128.0.0/12
222.160.0.0/14
222.168.0.0/13
222.176.0.0/12
222.192.0.0/11
222.240.0.0/13
222.248.0.0/16
222.249.0.0/17
222.249.128.0/18
222.249.192.0/19
222.249.224.0/20
222.249.240.0/21
222.249.248.0/23
58.29.0.0/16
58.65.64.0/18
58.72.0.0/13
58.87.32.0/19
58.102.0.0/15
58.120.0.0/13
58.138.192.0/18
58.140.0.0/14
58.145.0.0/17
58.146.192.0/18
58.148.0.0/14
58.180.0.0/16
58.181.0.0/18
58.184.0.0/16
58.224.0.0/12
59.0.0.0/11
59.86.192.0/18
59.150.0.0/16
59.151.192.0/18
59.152.128.0/18
59.186.0.0/15
60.196.0.0/15
61.4.192.0/18
61.5.160.0/19
61.32.0.0/13
61.40.0.0/14
61.47.192.0/18
61.72.0.0/13
61.80.0.0/14
61.84.0.0/15
61.96.0.0/12
61.247.64.0/18
61.247.128.0/19
61.247.192.0/19
61.248.0.0/13
66.232.136.0/21
66.232.144.0/22
121.0.64.0/18
121.0.128.0/17
121.1.64.0/18
121.50.16.0/20
121.50.64.0/18
121.53.0.0/16
121.54.192.0/18
121.55.64.0/18
121.55.128.0/18
121.64.0.0/14
121.78.0.0/16
121.88.0.0/16
121.124.0.0/15
121.126.0.0/16
121.127.64.0/18
121.127.128.0/18
121.128.0.0/10
121.200.64.0/18
121.252.0.0/15
121.254.0.0/18
121.254.128.0/17
122.0.8.0/21
122.0.32.0/19
122.32.0.0/12
122.49.64.0/18
122.99.128.0/17
122.100.32.0/19
122.101.0.0/16
122.199.64.0/18
122.199.128.0/17
122.202.32.0/19
122.202.128.0/17
122.203.0.0/16
122.252.64.0/18
122.252.192.0/19
122.254.128.0/17
123.98.160.0/19
123.98.192.0/19
123.99.64.0/18
123.199.0.0/17
123.200.64.0/18
123.254.64.0/19
123.254.128.0/17
124.0.0.0/15
124.2.0.0/16
124.5.0.0/16
124.28.0.0/17
124.28.128.0/18
124.46.0.0/16
124.48.0.0/12
124.80.0.0/16
124.111.0.0/16
124.136.0.0/14
124.146.0.0/18
124.194.0.0/16
124.197.128.0/18
124.197.192.0/19
124.198.0.0/17
124.199.0.0/18
124.199.128.0/17
124.216.0.0/16
124.243.0.0/17
124.254.128.0/17
125.7.128.0/18
125.7.192.0/18
125.31.128.0/18
125.57.0.0/16
125.60.0.0/17
125.61.0.0/17
125.128.0.0/11
125.176.0.0/12
125.208.64.0/18
125.209.0.0/18
210.16.192.0/18
210.57.224.0/19

Thats not the complete list It was too big to post but thats the general idea of what I want to block.

procam · Dec 21, 2006

RandyO said:
You are not alone for sure, but so far that list is so long that it can bog your system down. There is also no real good RBL that is all inclusive of the korean/chinese ip list.

I have run the full list myself and yes spam does drop DRAMATICALLY but loads on server are compromised now by the list instead of the spam...

I already have all of it blocked for spam via the mailscanner blacklist - but I want all traffic to that specific server from china/korea blocked completely ~

RandyO · Dec 21, 2006

You are not alone for sure, but so far that list is so long that it can bog your system down. There is also no real good RBL that is all inclusive of the korean/chinese ip list.

I have run the full list myself and yes spam does drop DRAMATICALLY but loads on server are compromised now by the list instead of the spam...

jayh38 · Dec 21, 2006

Do some research on mod geoip. I have this installed on many servers for developers
to use for ads targeting but it seems very versitle for other things as well.

ckh · Dec 21, 2006

You probably already have some blacklists listed in your exim configuration. Here's what I have in mine and it's cut down the spam dramatically. Just make sure that the countries I have listed aren't ones that you or your clients are doing business with:

dnslists = sbl-xbl.spamhaus.org : ar.countries.nerd.dk : br.countries.nerd.dk : cn.countries.nerd.dk : kr.countries.nerd.dk : pl.countries.nerd.dk : tr.countries.nerd.dk : tw.countries.nerd.dk : vn.countries.nerd.dk

ar = Argentina
br = Brazil
cn = China
kr = Korea
pl = Poland
tr = Turkey
tw = Taiwan
vn = Vietnam

Chris

Thread starter	Similar threads	Forum	Replies	Date
M	cPanel update blocked by CSF firewall maybe?	Security	2	Apr 27, 2017
R	CSF firewall. Removing all IP blocks	Security	3	Oct 29, 2014
R	CSF Firewall Won't Block IP's	Security	6	Jul 15, 2014
C	CSF firewall unwanted blocks lfd: (mod_security) mod_security	Security	2	Jul 7, 2014
K	CSF Firewall: *TCP_OUT Blocked	Security	41	Oct 25, 2006

Search

Search

CSF firewall, how can I block an IP range?

jols

Well-Known Member

mickalo

Well-Known Member

jols

Well-Known Member

procam

Well-Known Member

procam

Well-Known Member

RandyO

Well-Known Member

jayh38

Well-Known Member

ckh

Well-Known Member