[olug] IPTables, Blacklist add multiple and range
olug at wjjeep.com
Mon Jan 23 04:39:48 UTC 2006
On Sat, Jan 21, 2006 at 09:29:36PM +0100, Charles Bird wrote:
> Is there a simple way to blacklist a series of IPs, say perhaps 3000+?
> What is the command/syntax for a range or multiple?
> I have a black list given to me and adding each one is very time consuming, I'm looking for a way to get them off of the text file, or possibly set up the text file in a way where when a new IP is added that it's in there in a way that IP tables can see it and it's added.
> Most of these IPs are not dynamic, most are static IPs associated with proxies that AXXHoles are using.
> Is there an existing blacklist file that anyone has? And under what circumstances were the IPs blacklisted?
You can always use netmasking...
In my iptables script, I use:
-A FORWARD -s 184.108.40.206/19 -j LDROP
That example will block 220.127.116.11 to 18.104.22.168, or 8,190 IP addresses. You can use a calculator at http://www.subnetmask.info/ or any other IP calculator site on the 'net.
* Note: IP range above was deemed blacklist-worthy by sans.org.
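
For the text-file part of the question, here is an added example (not part of the original post or the poster's script): a shell function that validates each line of a blacklist file and emits iptables-restore input, so thousands of hosts and CIDR ranges load in one step. The chain name BLACKLIST and the sample addresses are assumptions.

```shell
#!/bin/sh
# Added example. BLACKLIST is a hypothetical chain name; the sample
# addresses are constructed from the RFC 5737 documentation ranges.

# valid_entry ADDR[/PREFIX]: succeed only for a well-formed IPv4 host or CIDR
valid_entry() {
    case $1 in ''|*[!0-9./]*) return 1 ;; esac
    addr=${1%%/*}
    prefix=32
    case $1 in */*) prefix=${1#*/} ;; esac
    case $prefix in ''|???*|0?*|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case $addr in .*|*.|*..*) return 1 ;; esac
    oldifs=$IFS; IFS=.
    set -- $addr            # split into octets (no glob characters remain)
    IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|????*|0?*) return 1 ;; esac  # no leading zeros
        [ "$octet" -le 255 ] || return 1
    done
}

# gen_blacklist_rules FILE: print iptables-restore input for the list;
# malformed lines are reported on stderr and skipped.
gen_blacklist_rules() {
    echo '*filter'
    echo ':BLACKLIST - [0:0]'   # declares the chain; a reload starts it empty
    sed -e 's/#.*//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' \
        -e '/^$/d' "$1" | sort -u |
    while read -r entry; do
        if valid_entry "$entry"; then
            echo "-A BLACKLIST -s $entry -j DROP"
        else
            echo "skipped: $entry" >&2
        fi
    done
    echo 'COMMIT'
}

# Constructed sample list: comment, host, range, bad octet, duplicate.
sample=$(mktemp)
printf '%s\n' '# proxies' '192.0.2.15' '198.51.100.0/24  # range' \
    '203.0.113.300' '198.51.100.0/24' > "$sample"
gen_blacklist_rules "$sample"
rm -f "$sample"
# As root, load it in one step and hook the chain in once:
#   gen_blacklist_rules blacklist.txt | iptables-restore --noflush
#   iptables -I FORWARD -j BLACKLIST
```

Rerunning the load after editing the text file replaces the contents of the BLACKLIST chain without touching the rest of the ruleset.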