[olug] IPTables, Blacklist add multiple and range
Phil Brammer
olug at wjjeep.com
Mon Jan 23 04:39:48 UTC 2006
On Sat, Jan 21, 2006 at 09:29:36PM +0100, Charles Bird wrote:
> Is there a simple way to blacklist a series of IPs, say perhaps 3000+?
> What is the command/syntax for a range or multiple?
>
> I have a black list given to me and adding each one is very time consuming, I'm looking for a way to get them off of the text file, or possibly set up the text file in a way where when a new IP is added that it's in there in a way that IP tables can see it and it's added.
>
> Most of these IPs are not dynamic, most are static IPs associated with proxies that AXXHoles are using.
>
> Is there an existing blacklist file that anyone has? And under what circumstances were the IPs blacklisted?

You can always use netmasking...

In my iptables script, I use:

    -A FORWARD -s 69.50.160.0/19 -j LDROP

That example will block 69.50.160.1 to 69.50.191.254, or 8,190 IP addresses. You can use a calculator at http://www.subnetmask.info/ or any other IP calculator site on the 'net.

* Note: IP range above was deemed blacklist-worthy by sans.org.

Phil
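
An added example, not part of the original thread: one way to turn a blacklist text file into netmasked rules of the form quoted above, merging adjacent addresses and ranges into the fewest CIDR blocks. The file format (one IP, CIDR or first-last range per line, `#` comments) and the function names are assumptions, and `LDROP` is taken to be a chain already defined in the firewall script, as in the reply.

```python
import ipaddress

# Constructed sample blacklist: one entry per line, '#' starts a comment.
# Apart from the /19 quoted in the reply, addresses are documentation ranges.
SAMPLE_BLACKLIST = """\
# constructed sample input
69.50.160.0-69.50.191.255
192.0.2.10
192.0.2.11
198.51.100.0/25
198.51.100.128/25
203.0.113.7   # single proxy
not-an-ip
"""

def parse_entry(text):
    """Return IPv4 networks for one entry: single IP, CIDR, or first-last range."""
    if "-" in text:
        first, last = (ipaddress.IPv4Address(p.strip()) for p in text.split("-", 1))
        return list(ipaddress.summarize_address_range(first, last))
    # strict=True rejects entries with host bits set, e.g. 10.0.0.1/8,
    # so a typo cannot silently widen the block.
    return [ipaddress.IPv4Network(text, strict=True)]

def load_blacklist(text):
    """Parse the file body; return (collapsed networks, rejected lines)."""
    nets, rejected = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            nets.extend(parse_entry(entry))
        except ValueError as exc:
            rejected.append((lineno, entry, str(exc)))
    # collapse_addresses merges adjacent/overlapping networks and sorts them
    return list(ipaddress.collapse_addresses(nets)), rejected

def to_rules(nets, chain="FORWARD", target="LDROP"):
    """Render rule lines in the same form as the rule quoted in the reply."""
    return [f"-A {chain} -s {net} -j {target}" for net in nets]

if __name__ == "__main__":
    networks, bad = load_blacklist(SAMPLE_BLACKLIST)
    print("\n".join(to_rules(networks)))
    for lineno, entry, why in bad:
        print(f"# skipped line {lineno}: {entry!r} ({why})")
```

Rejected lines are reported rather than dropped silently, so a malformed entry in the list shows up for review before the rules are loaded.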