| 9:49 pm on Nov 25, 2012 (gmt 0)|
|deny from 220.127.116.11/22 18.104.22.168/22 22.214.171.124/20 126.96.36.199/16 188.8.131.52/24 |
Well, ###. Yet another thing I didn't realize you could do.
Does this format run faster than one deny per line, as in
|deny from 184.108.40.206/22 |
deny from 220.127.116.11/22
deny from 18.104.22.168/20
deny from 22.214.171.124/16
deny from 126.96.36.199/24
Incidentally, I've got 188.8.131.52/14 as a single block. Did I miss a bit of Australia hiding in the middle? Also 184.108.40.206/18 as a country unit (not necessarily all the same ISP). But I don't pay much attention to Indonesia.
| 12:13 am on Nov 26, 2012 (gmt 0)|
No, using a command for every IP is not as fast as grouping many IPs on a line for 2 reasons:
1.) takes extra bytes for the "deny from" code.
2.) each line is read per command. Starting a new command for each IP is more processing.
I start a new line for each A class just as a management technique, CIDRs separated by a single space. Example:
deny from 220.127.116.11/13 18.104.22.168/15
deny from 22.214.171.124/16 126.96.36.199/32 188.8.131.52/23
deny from 184.108.40.206/16
deny from 220.127.116.11/23
deny from 18.104.22.168/12
deny from 22.214.171.124/8
deny from 126.96.36.199/16 188.8.131.52/14
deny from 184.108.40.206/22 220.127.116.11/24 18.104.22.168/24 22.214.171.124/24
deny from 126.96.36.199/24 188.8.131.52/24 184.108.40.206/24 220.127.116.11/17 18.104.22.168/18 22.214.171.124/28 126.96.36.199/29 188.8.131.52/19
| 1:39 am on Nov 26, 2012 (gmt 0)|
Thank you so much for clarifying,, keyplyr, now I know where I'm heading with the country codes. I had never entered multiple CIDRs in a single line before, didn't know we could do that. It would be dizzying to edit lines that are too long, so I'm adding them in related batches. Unless someday I find out that numerical order is important for performance.
| 2:55 am on Nov 26, 2012 (gmt 0)|
:: detour to horse's mouth [httpd.apache.org] to read up on mod_authz_host and see if there's any more stuff that everyone in the world except me has always known ::
| 1:37 pm on Nov 26, 2012 (gmt 0)|
Is this considered part of the Chinanet group?
<> 184.108.40.206 - 220.127.116.11
115.236.51.xxx - - [25/Nov/2012:23:47:14 -0800] "GET / HTTP/1.1" 403 3251 "www.google.com" "Explore 6.0"
| 7:29 pm on Nov 26, 2012 (gmt 0)|
@ Ken_S IMO yes, it looks to be maintained by Chinanet.
Just a FYI - The link to China ranges (msg:4521970) is old and there are many important missing ranges.
| This 36 message thread spans 2 pages: < < 36 ( 1  ) |