What the bleep? What have you got against IPs whose "b" element is .0. ? (And what's with 165.228? I thought that was Australian humans.) I strongly suspect there was a major cut-and-paste error.

"Lose access" as in server error or load-up problem, or do you too get hit with a 404? What's your own IP? ;)

Hi Lucy,

We are having problems with a person who used an IP changer to attack or blog. We had another script which worked fine except it only takes single IPs. As of late that person is spoofing IPs from RIPE, APNICE and LANIC. I pulled the list of IPs from IANA they are mostly /8 ranges.

The messesages are just there to make them go away and was part of the original script from this site.

Thank you for asking.

Scoopgrl

they are mostly /8 ranges.

That's why I suspected a cut-and-paste error. The list of IPs in your original post is not /8 ranges; they are all /16. In fact
:: comes the dawn ::
the quoted rule contains two absolutely lethal errors; I'm surprised anyone's getting in.

#1 In regular expressions, an ordinary un-escaped . dot means "any character".

#2 The absence of parentheses means that the ^ opening anchor applies only to the very first element,
^1.0
All others are in the form "IP contains '2x0x' or contains '5x0x' or..."

So, for example, the rule exludes any request from an IP containing
/2.0/
That's not just
2.0.45.56
but
210.anything
220.anything
1.2.0.anything
11.240.anything
12.0.anything
64.126.2.0
64.126.230.anything
92.0.anything
222.0.anything

and so on and so on. Your only salvation is that IPv4 addresses don't use leading zeros; the form ".0" only occurs if zero is the whole thing.

The intended form-- keeping line breaks for readability-- is probably

^(1|2|5|27|36|37|39|42|46|49|58|59|
60|61|62|75|77|78|79|80|81|82|83|84|85|86|87|88|89|90|91|92|93|94|95|
101|103|106|109|110|111|112|113|114|115|
116|117|118|119|120|121|122|123|124|125|
165\.228|165\.229|168\.140|175|176|177|178|179|180|181|182|183|185|
186|187|189|190|193|194|195|197|
200|201|202|210|211|212|213|217|218|219|220|221|222)\.

This can, of course, be greatly condensed: for example
220|221|222
=
22[012]
They should also be rearranged into numerical order (I did it with Line Sort in a text editor), unless you find it useful to keep the RIPE pieces separate from the APNIC pieces.

Hi Lucy, many thanks. I've never been any good (obviously) at coding. Normally, I would have ordered numerically, however, I was tired and frustrated.

I was aware that 2.0 means 2 anything. IANA has assigned entire block to countries. I need to make sure regardless of the address he uses from RIPE, APNIC, AFRIC or LANIC, he will be blocked. We have one person from Japan, his subnet is excluded.

Is there a suitable expression for allowing specific blocks and single IPs?

I'm sorry, I do not understand the notation for condensing. I do understand I can condense between any numerically contiguous range. I cannot condense 1|2|5, I may condense 58|59|60|61|62

Thank you in advance for your patience. Here is my new script.

<!-- #if expr="${REMOTE_ADDR} = /^(1|2|5|27|36|37|39|42|46|49|58|59|
60|61|62|75|77|78|79|80|81|82|83|84|85|86|87|88|89|90|91|92|93|94|95|
101|103|106|109|110|111|112|113|114|115|
116|117|118|119|120|121|122|123|124|125|
165\.228|165\.229|168\.140|175|176|177|178|179|180|181|182|183|185|
186|187|189|190|193|194|195|197|
200|201|202|210|211|212|213|217|218|219|220|221|222)\."-->
<script language="javascript">
alert("Error 404");
if (confirm("The Page Does Not Exist"))
{location.href="http://www.google.com" } else { ("Contact Your Server Admininstrator if This Error Persists");}
</script>
<!--#endif -->