[olug] IPTables, Blacklist add multiple and range

Noel Leistad noel at metc.net
Sat Jan 21 20:55:59 UTC 2006

I've been using the firewall script AdamH presented. If the IPs are 
already in a text file, so much the better. It's a shoe-in. You might 
need a little of Joe Franco's vi text processing if the IPs are in a 
string, but....


In all actuality, I have very few "badips" in my file, most addresses I 
block happen in hosts.deny

They end up there if they have repeatedly attempted ssh logins, apache 
probes, etc and FAILED to address complaints to the "network owners" abuse@

I think hosts.deny is EASIER for full CLASSes of abusive addresses. 
Individual addresses can go here as well, or are easily dropped into the 
badips file for the rc.firewall script.

Charles Bird wrote:

>Is there a simple way to blacklist a series of IP's, say perhaps 3000+
>What is the command/syntax for a range or multiple?
>I have a black list given to me and adding each one is very time consuming, I'm looking for a way to get them off of the text file, or possibly set up the text file in a way were when a new IP is added that its in there in a way that IP tables can see it and its added.
>Most of these IPs are not dynamic, most are static ips associated with proxies that AXXHoles are using.
>Is there an existing blacklist file that anyone has? And under what circumstances were the IPs blacklisted?

Noel Leistad
noel at metc.net

More information about the OLUG mailing list