Deny large number of IPs via ipfw
fbsd
fbsd at a1poweruser.com
Sun Jun 11 14:12:03 UTC 2006
Using such an list of ip address from a major rbl is flawed at the
core of the idea.
Over 85% of those 3 million ip address are spoofed in the first
place.
Most are what would be called false positives.
Reread the info at the source cbl.abuseat.org it says the data is
not intended to be used the way you are trying to use it.
You really need to rethink what you are doing.
-----Original Message-----
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Dan
Mahoney,
System Admin
Sent: Sunday, June 11, 2006 8:36 AM
To: questions at freebsd.org
Subject: Deny large number of IPs via ipfw
Hey all,
I've got a file that I just synced from a major RBL, and I'd like to
just
use it to globally deny access to my system. Is there an easy way
to do
this within ipfw -- the file is about 3 *million* lines, and is from
cbl.abuseat.org.
-Dan
--
"SOY BOMB!"
-The Chest of the nameless streaker of the 1998 Grammy Awards' Bob
Dylan
Performance.
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gushi.org
---------------------------
_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list