Re: [qmailtoaster] Block incoming mail IP range

2014-08-15 Thread David Milholen 

If you are just wanting to drop that block  from sending mail
three ways
#1 Firewall Iptables
#2 Spamdyke blacklist_ip
#3 Tcp rules

On 8/4/2014 1:41 AM, Linux wrote:


Hi,

Please guide, How to block range of IP's for incoming mail?

IP: 209.85.xxx.xxx

Thanks,

Ravi



--

Re: [qmailtoaster] Block incoming mail IP range

2014-08-04 Thread Tony White 

FWIIW

This is the reverse - unblockip script...

Examples must be exactly the same as those
used to blockip/range.

-- snip unblockip ---
#!/bin/sh
logf="/var/log/blockip.log"
mdate=`date +%c`
### must be root ###
if [ `whoami` != "root" ]; then
echo ""
echo "$0 must be ran as root"
echo ""
exit 1
fi
export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
is_ip="grep -Ec 
'^[1-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9](\/[0-3]?[0-9])?$'"

if [ `echo $1 |eval $is_ip` != "1" ]; then
echo "$mdate Error in IP address $1" >> $logf
else
iptables -D INPUT -s $1 -j DROP
echo "=== UNBLOCK IP " >> /etc/rc.d/rc.blockedips
echo "iptables -D INPUT -s $1 -j DROP" >> /etc/rc.d/rc.blockedips
echo "=== UNBLOCK IP " >> /etc/rc.d/rc.blockedips
echo "$mdate now allowing all packets from $1" >> $logf
fi

--- end snip 


best wishes
  Tony White


On 4/08/2014 21:26, Tony White wrote:

This is the script I have been using...

examples
at the cli ...

blockip 192.168.1.26
or
blockip 192.168.0.0/16
or
blockip 192.168.1.0/24

works immediately and creates a rc.blockedips file for use on reboot
to reinstate the currently blocked ip's.

-- snip blockip -
#!/bin/bash
logf="/var/log/blockip.log"
mdate=`date +%c`
mip=$1
### must be root ###
if [ `whoami` != "root" ]; then
echo ""
echo "$0 must be run as root"
echo ""
exit 1
fi;

export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
is_ip="grep -Ec 
'^[1-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9](\/[0-3]?[0-9])?$'"

if [ `echo $1 |eval $is_ip` != "1" ]; then
  echo "$mdate Error in IP address $1" >> $logf
  echo "$mdate Error in IP address $1"
else
  iptables -I INPUT -s $1 -j DROP
  echo "iptables -I INPUT -s $1 -j DROP" >> /etc/rc.d/rc.blockedips
  echo "$mdate now dropping all packets from $1" >> $logf
fi;

-- end snip 


On 4/08/2014 18:22, ChandranManikandan wrote:

Hi Ravi,
Use in IPTABLES to block it.


On Mon, Aug 4, 2014 at 2:41 PM, Linux mailto:li...@ikf.co.in>> wrote:

Hi,

Please guide, How to block range of IP's for incoming mail?

IP: 209.85.xxx.xxx

Thanks,

Ravi




--
*/Thanks & Best Regards,
Manikandan.C
/*

Re: [qmailtoaster] Block incoming mail IP range

2014-08-04 Thread Tony White 

This is the script I have been using...

examples
at the cli ...

blockip 192.168.1.26
or
blockip 192.168.0.0/16
or
blockip 192.168.1.0/24

works immediately and creates a rc.blockedips file for use on reboot
to reinstate the currently blocked ip's.

-- snip blockip -
#!/bin/bash
logf="/var/log/blockip.log"
mdate=`date +%c`
mip=$1
### must be root ###
if [ `whoami` != "root" ]; then
echo ""
echo "$0 must be run as root"
echo ""
exit 1
fi;

export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
is_ip="grep -Ec 
'^[1-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9](\/[0-3]?[0-9])?$'"

if [ `echo $1 |eval $is_ip` != "1" ]; then
  echo "$mdate Error in IP address $1" >> $logf
  echo "$mdate Error in IP address $1"
else
  iptables -I INPUT -s $1 -j DROP
  echo "iptables -I INPUT -s $1 -j DROP" >> /etc/rc.d/rc.blockedips
  echo "$mdate now dropping all packets from $1" >> $logf
fi;

-- end snip 


On 4/08/2014 18:22, ChandranManikandan wrote:

Hi Ravi,
Use in IPTABLES to block it.


On Mon, Aug 4, 2014 at 2:41 PM, Linux mailto:li...@ikf.co.in>> wrote:

Hi,

Please guide, How to block range of IP's for incoming mail?

IP: 209.85.xxx.xxx

Thanks,

Ravi




--
*/Thanks & Best Regards,
Manikandan.C
/*

Re: [qmailtoaster] Block incoming mail IP range

2014-08-04 Thread Hasan Akgöz 
Hi;

/etc/tcprules/smtp.rules. click link for details :
http://thedjbway.b0llix.net/djbrbl/rbletc.html


2014-08-04 11:22 GMT+03:00 ChandranManikandan :

> Hi Ravi,
> Use in IPTABLES to block it.
>
>
> On Mon, Aug 4, 2014 at 2:41 PM, Linux  wrote:
>
>>  Hi,
>>
>> Please guide, How to block range of IP's for incoming mail?
>>
>> IP: 209.85.xxx.xxx
>>
>>
>>
>>
>>
>> Thanks,
>>
>>
>>
>> Ravi
>>
>>
>>
>>
>>
>
>
>
> --
>
>
> *Thanks & Best Regards,Manikandan.C*
>

Re: [qmailtoaster] Block incoming mail IP range

2014-08-04 Thread ChandranManikandan 
Hi Ravi,
Use in IPTABLES to block it.


On Mon, Aug 4, 2014 at 2:41 PM, Linux  wrote:

>  Hi,
>
> Please guide, How to block range of IP's for incoming mail?
>
> IP: 209.85.xxx.xxx
>
>
>
>
>
> Thanks,
>
>
>
> Ravi
>
>
>
>
>



-- 


*Thanks & Best Regards,Manikandan.C*