Re: [qmailtoaster] Block incoming mail IP range
If you are just wanting to drop that block from sending mail three ways #1 Firewall Iptables #2 Spamdyke blacklist_ip #3 Tcp rules On 8/4/2014 1:41 AM, Linux wrote: Hi, Please guide, How to block range of IP's for incoming mail? IP: 209.85.xxx.xxx Thanks, Ravi --
Re: [qmailtoaster] Block incoming mail IP range
FWIIW This is the reverse - unblockip script... Examples must be exactly the same as those used to blockip/range. -- snip unblockip --- #!/bin/sh logf="/var/log/blockip.log" mdate=`date +%c` ### must be root ### if [ `whoami` != "root" ]; then echo "" echo "$0 must be ran as root" echo "" exit 1 fi export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin is_ip="grep -Ec '^[1-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9](\/[0-3]?[0-9])?$'" if [ `echo $1 |eval $is_ip` != "1" ]; then echo "$mdate Error in IP address $1" >> $logf else iptables -D INPUT -s $1 -j DROP echo "=== UNBLOCK IP " >> /etc/rc.d/rc.blockedips echo "iptables -D INPUT -s $1 -j DROP" >> /etc/rc.d/rc.blockedips echo "=== UNBLOCK IP " >> /etc/rc.d/rc.blockedips echo "$mdate now allowing all packets from $1" >> $logf fi --- end snip best wishes Tony White On 4/08/2014 21:26, Tony White wrote: This is the script I have been using... examples at the cli ... blockip 192.168.1.26 or blockip 192.168.0.0/16 or blockip 192.168.1.0/24 works immediately and creates a rc.blockedips file for use on reboot to reinstate the currently blocked ip's. -- snip blockip - #!/bin/bash logf="/var/log/blockip.log" mdate=`date +%c` mip=$1 ### must be root ### if [ `whoami` != "root" ]; then echo "" echo "$0 must be run as root" echo "" exit 1 fi; export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin is_ip="grep -Ec '^[1-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9](\/[0-3]?[0-9])?$'" if [ `echo $1 |eval $is_ip` != "1" ]; then echo "$mdate Error in IP address $1" >> $logf echo "$mdate Error in IP address $1" else iptables -I INPUT -s $1 -j DROP echo "iptables -I INPUT -s $1 -j DROP" >> /etc/rc.d/rc.blockedips echo "$mdate now dropping all packets from $1" >> $logf fi; -- end snip On 4/08/2014 18:22, ChandranManikandan wrote: Hi Ravi, Use in IPTABLES to block it. On Mon, Aug 4, 2014 at 2:41 PM, Linux mailto:li...@ikf.co.in>> wrote: Hi, Please guide, How to block range of IP's for incoming mail? IP: 209.85.xxx.xxx Thanks, Ravi -- */Thanks & Best Regards, Manikandan.C /*
Re: [qmailtoaster] Block incoming mail IP range
This is the script I have been using... examples at the cli ... blockip 192.168.1.26 or blockip 192.168.0.0/16 or blockip 192.168.1.0/24 works immediately and creates a rc.blockedips file for use on reboot to reinstate the currently blocked ip's. -- snip blockip - #!/bin/bash logf="/var/log/blockip.log" mdate=`date +%c` mip=$1 ### must be root ### if [ `whoami` != "root" ]; then echo "" echo "$0 must be run as root" echo "" exit 1 fi; export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin is_ip="grep -Ec '^[1-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9](\/[0-3]?[0-9])?$'" if [ `echo $1 |eval $is_ip` != "1" ]; then echo "$mdate Error in IP address $1" >> $logf echo "$mdate Error in IP address $1" else iptables -I INPUT -s $1 -j DROP echo "iptables -I INPUT -s $1 -j DROP" >> /etc/rc.d/rc.blockedips echo "$mdate now dropping all packets from $1" >> $logf fi; -- end snip On 4/08/2014 18:22, ChandranManikandan wrote: Hi Ravi, Use in IPTABLES to block it. On Mon, Aug 4, 2014 at 2:41 PM, Linux mailto:li...@ikf.co.in>> wrote: Hi, Please guide, How to block range of IP's for incoming mail? IP: 209.85.xxx.xxx Thanks, Ravi -- */Thanks & Best Regards, Manikandan.C /*
Re: [qmailtoaster] Block incoming mail IP range
Hi; /etc/tcprules/smtp.rules. click link for details : http://thedjbway.b0llix.net/djbrbl/rbletc.html 2014-08-04 11:22 GMT+03:00 ChandranManikandan : > Hi Ravi, > Use in IPTABLES to block it. > > > On Mon, Aug 4, 2014 at 2:41 PM, Linux wrote: > >> Hi, >> >> Please guide, How to block range of IP's for incoming mail? >> >> IP: 209.85.xxx.xxx >> >> >> >> >> >> Thanks, >> >> >> >> Ravi >> >> >> >> >> > > > > -- > > > *Thanks & Best Regards,Manikandan.C* >
Re: [qmailtoaster] Block incoming mail IP range
Hi Ravi, Use in IPTABLES to block it. On Mon, Aug 4, 2014 at 2:41 PM, Linux wrote: > Hi, > > Please guide, How to block range of IP's for incoming mail? > > IP: 209.85.xxx.xxx > > > > > > Thanks, > > > > Ravi > > > > > -- *Thanks & Best Regards,Manikandan.C*