From owner-freebsd-ipfw@FreeBSD.ORG Fri Feb 6 10:00:47 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 98C6016A4CE for ; Fri, 6 Feb 2004 10:00:47 -0800 (PST) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 58D5B43D39 for ; Fri, 6 Feb 2004 10:00:45 -0800 (PST) (envelope-from rizzo@icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.9p1/8.12.8) with ESMTP id i16I0jAF062777; Fri, 6 Feb 2004 10:00:45 -0800 (PST) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.9p1/8.12.3/Submit) id i16I0jfe062776; Fri, 6 Feb 2004 10:00:45 -0800 (PST) (envelope-from rizzo) Date: Fri, 6 Feb 2004 10:00:45 -0800 From: Luigi Rizzo To: "Jack L. Stone" Message-ID: <20040206100045.A62737@xorpc.icir.org> References: <3.0.5.32.20040206115553.01ea6670@10.0.0.15> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <3.0.5.32.20040206115553.01ea6670@10.0.0.15>; from jacks@sage-american.com on Fri, Feb 06, 2004 at 11:55:53AM -0600 cc: freebsd-ipfw@freebsd.org Subject: Re: Syntax to block 38 IPs X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Feb 2004 18:00:47 -0000 use ipfw2 -- see the address set syntax in 'man ipfw' luigi On Fri, Feb 06, 2004 at 11:55:53AM -0600, Jack L. Stone wrote: > Am running IPFW on FBSD-4.8p14 > > For almost a year (or more), one of my servers has been hammered by > redalert.com, a service to which I do not subscribe. My efforts to get them > to stop has gone ignored. Every night, the server is peppered with their > "taps". > > Thus, it's time to use a firewall rule to stop it. The problem is that they > use a broad range of source IPs. The list I show here is only for the past > 4 days. I don't want to block any innocent IPs and wondered how I could > best create a rule(s) to stop the 38 IPs below without 38 individual lines > in the rules...?? > > Appreciate help! Thanks! > > 209.102.202.131 > 209.102.202.132 > 209.102.202.133 > 209.102.202.134 > 209.102.202.135 > 209.102.202.136 > 209.102.202.137 > 209.102.202.151 > 209.102.202.152 > 209.102.202.153 > 209.102.202.154 > 209.102.202.155 > 209.102.202.156 > 209.102.202.157 > 209.102.202.165 > 65.194.51.131 > 65.194.51.132 > 65.194.51.133 > 65.194.51.134 > 65.194.51.135 > 65.194.51.136 > 65.194.51.137 > 65.194.51.151 > 65.194.51.152 > 65.194.51.153 > 65.194.51.154 > 65.194.51.155 > 65.194.51.156 > 65.194.51.157 > 65.194.51.165 > 66.226.213.131 > 66.226.213.132 > 66.226.213.133 > 66.226.213.134 > 66.226.213.135 > 66.226.213.136 > 66.226.213.137 > 66.226.213.165 > > > Best regards, > Jack L. Stone, > Administrator > > Sage American > http://www.sage-american.com > jacks@sage-american.com > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"