Welcome to WebmasterWorld Guest from 54.205.209.95

Forum Moderators: bakedjake

Message Too Old, No Replies

Banning entire isp

   
4:30 pm on Sep 18, 2005 (gmt 0)

10+ Year Member



I am using apf firewall based on iptables. I need to temporarily ban an isp, the example given in the firewall config is :

24.202.11.0/24 (blocking 24.202.11.* I think)

but I need to ban 24.202.*.*

Does anyone have a rule to do this?

BTW this particular ip is just an example from the documentation.

12:40 am on Sep 19, 2005 (gmt 0)

10+ Year Member



Have you considered using / do you have the facility to us... htaccess for this? (Are you running on an apache web server [webmasterworld.com]?)
12:56 am on Sep 19, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



24.202.0.0/16
4:59 pm on Sep 19, 2005 (gmt 0)

10+ Year Member



Thanks I will try that, I am running apache but I think it's best just to ban from the entire server
5:04 pm on Sep 19, 2005 (gmt 0)

10+ Year Member



I should add that a good place to learn about why you're now using /16 instead of /24 would be to learn about Subnetting [en.wikipedia.org]. It will save you some grief later, expecially if you're messing with firewall rules. :)

MM

10:06 pm on Sep 19, 2005 (gmt 0)

10+ Year Member



Please note that some ISPs have a tendecy to sue once you ban them.
2:15 am on Oct 5, 2005 (gmt 0)

10+ Year Member



AbsintheSyringe,

Can you point us to a concrete example of that?

I've been in the Internet industry for quite a while and have never heard of an ISP suing anyone because they were blocked by their firewall rules unless there was some sort of pre-existing contractual relationship where they had agreed to pass traffic for them.

Obviously they wouldn't have a legal leg to stand on, somehow trying to force someone into allowing their packets on the other persons server or network.