Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: Blocking Specific IP Addresses
« previous next »
Pages: [1]   Go Down

Blocking Specific IP Addresses

  • 7 Replies
  • 517 Views

Tim

Blocking Specific IP Addresses
« on: June 17, 2002, 07:16:00 PM »
Hi group,

Is it possible or is there an RPM available that can block IP addresses?  

I am currently using SessionWall on an 2K box and SLMAIL on an NT box and I have rule sets blocking known SPAM organizations and SPAMMERS on both.  It's a huge list and it currently blocks 90% of SPAM for my clients.  

I am in the process of putting everything behind a Mitel/E-Smith box and I would like to be able to filter the IP address list at the Mitel box instead of doing it in two or three different places.

I have the UPDATE SYSTEM and USER-MANAGER rpms in place.  Any thoughts or ideas would be appreciated.  

Thanks!

--Tim
Logged

Kees Vonk

Re: Blocking Specific IP Addresses
« Reply #1 on: June 17, 2002, 07:47:53 PM »
You could try something like spamassasin (http://spamassassin.org/). I think I does what you want, but I haven't used it myself.

Kees
Logged

Tim

Re: Blocking Specific IP Addresses
« Reply #2 on: June 18, 2002, 07:48:06 AM »
Thanks Kees,

Neat stuff there but not what I was looking for.  I need to input IP addresses and/or blocks of IP addresses.  

Example: I want to block mail from anywhere inside 202.0.0.0-202.255.255.255 and 203.0.0.0-203.255.255.255.  These are two huge blocks of ISP's in the Asian Pacific Network that promote SPAM/UCE and free mail services.  

Thanks!

--Tim
Logged

Daley Lay

Re: Blocking Specific IP Addresses
« Reply #3 on: June 18, 2002, 12:43:54 PM »
Tim,

you can use ipchains to block the IP, to add more IPs to block simply type /sbin/ipchains -I input -s 123.123.123.123 -j DENY -l.

If you wish to have permanent setting after each rebooted, just addin at the end of /etc/rc.d/rc.local file.

Regards,
Daley
Logged

Tim

Re: Blocking Specific IP Addresses
« Reply #4 on: July 24, 2002, 03:22:10 AM »
Hi Daley,

What would the string be for a block of IP's.  Example:
The Asian Pacific Network:  202.0.0.0-202.255.255.255

Is there a batch process method or file that I can plug in hundreds of blocks like this one?

I have an extensive IP list of known spammers and spamming hosts and I would like the E-Smith server to deny them access.

Thanks in advance.

---tim
Logged

Chris Trent

Re: Blocking Specific IP Addresses
« Reply #5 on: July 25, 2002, 04:21:20 AM »
/sbin/ipchains -I input -s 202.0.0.0/8 -j DENY -l
Logged

Daley Lay

Re: Blocking Specific IP Addresses
« Reply #6 on: July 25, 2002, 01:27:12 PM »
Tim,

it shd be /sbin/ipchains -I input -s xx.xx.xx.xxx -d xxx.xxx.xxx.xxx -j DENY -l, i'm not sure for ranging IP block.
Logged

Ruud

Re: Blocking Specific IP Addresses
« Reply #7 on: April 11, 2003, 01:24:39 AM »
But for the SME V5.6 is ipchains not working.
So i think you'll need to create custom templates to adjust the
/etc/rc.d/init.d/masq script.
How i don't know, perhaps has somebody the answer?
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: Blocking Specific IP Addresses