Date: Fri, 6 Feb 2004 13:09:48 -0500 From: Don Bowman <don@sandvine.com> To: "'Jack L. Stone'" <jacks@sage-american.com>, freebsd-ipfw@freebsd.org Subject: RE: Syntax to block 38 IPs Message-ID: <FE045D4D9F7AED4CBFF1B3B813C85337045D7EEA@mail.sandvine.com>
next in thread | raw e-mail | index | archive | help
From: Jack L. Stone [mailto:jacks@sage-american.com]
>
> Am running IPFW on FBSD-4.8p14
>
> For almost a year (or more), one of my servers has been hammered by
> redalert.com, a service to which I do not subscribe. My
> efforts to get them
> to stop has gone ignored. Every night, the server is peppered
> with their
> "taps".
>
> Thus, it's time to use a firewall rule to stop it. The
> problem is that they
> use a broad range of source IPs. The list I show here is only
> for the past
> 4 days. I don't want to block any innocent IPs and wondered
> how I could
> best create a rule(s) to stop the 38 IPs below without 38
> individual lines
> in the rules...??
>
> Appreciate help! Thanks!
deny ip from { 209.102.202.131, 209.102.202.132, ...} to any
this uses IPFW2 I think.
from the shell, remember to escape the { as \{.
you could also send a RST i suppose, but just dropping it is
best.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?FE045D4D9F7AED4CBFF1B3B813C85337045D7EEA>