My Latest IPCHAINS Scripts: Comments Requested if I am in Error: Running Linux Mandrake 7.1

My Latest IPCHAINS Scripts: Comments Requested if I am in Error: Running Linux Mandrake 7.1

Post by Felix Tille » Fri, 23 Mar 2001 13:39:17




# script to deny connections from Korea
#
echo "Blocking S. Korea"
/sbin/ipchains -A input -j DENY -p all -l -s 202.6.95.0/24 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 202.14.103.0/24 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 202.14.165.0/24 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 202.20.82.0/24 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 202.20.84.0/24 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 202.20.86.0/24 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 202.20.99.0/24 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 202.20.119.0/24 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 202.20.128.0/17 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 202.20.0.0/21 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 202.30.0.0/15 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 203.224.0.0/11 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 210.90.0.0/15 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 210.92.0.0/14 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 210.96.0.0/11 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 210.178.0.0/15 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 210.180.0.0/14 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 210.204.0.0/14 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 210.216.0.0/13 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 211.32.0.0/11 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 211.104.0.0/13 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 211.112.0.0/13 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 211.168.0.0/13 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 211.176.0.0/12 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 211.192.0.0/12 -d 0.0.0.0/0
#
# script to deny access from at least a part of China Telecom
#
echo "Blocking part of China Telecom"
/sbin/ipchains -A input -j DENY -p all -l -s  61.128.0.0/9 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 202.96.0.0/11 -d 0.0.0.0/0
/sbin/ipchains -A input -j DENY -p all -l -s 210.72.0.0/13 -d 0.0.0.0/0
#
# script to deny access to my SMTP port
#
echo "Blocking and logging access to port 25, SMTP"
/sbin/ipchains -A input -j DENY -p TCP -l -s 0.0.0.0/0 -d 0.0.0.0/0 25
/sbin/ipchains -A input -j DENY -p UDP -l -s 0.0.0.0/0 -d 0.0.0.0/0 25
#
# script to deny and log probes on known trojan ports
#
echo "Blocking and logging probes on known trojan ports, 12345, 31337"
# Netbus
/sbin/ipchains -A input -j DENY -p TCP -l -s 0.0.0.0/0 -d 0.0.0.0/0 12345
/sbin/ipchains -A input -j DENY -p UDP -l -s 0.0.0.0/0 -d 0.0.0.0/0 12345
# Back Orifice
/sbin/ipchains -A input -j DENY -p TCP -l -s 0.0.0.0/0 -d 0.0.0.0/0 31337
/sbin/ipchains -A input -j DENY -p UDP -l -s 0.0.0.0/0 -d 0.0.0.0/0 31337
 
 
 

My Latest IPCHAINS Scripts: Comments Requested if I am in Error: Running Linux Mandrake 7.1

Post by Luke Voge » Fri, 23 Mar 2001 14:24:38



> #!/bin/bash



> # script to deny connections from Korea
> #
> echo "Blocking S. Korea"
> /sbin/ipchains -A input -j DENY -p all -l -s 202.6.95.0/24 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 202.14.103.0/24 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 202.14.165.0/24 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 202.20.82.0/24 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 202.20.84.0/24 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 202.20.86.0/24 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 202.20.99.0/24 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 202.20.119.0/24 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 202.20.128.0/17 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 202.20.0.0/21 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 202.30.0.0/15 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 203.224.0.0/11 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 210.90.0.0/15 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 210.92.0.0/14 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 210.96.0.0/11 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 210.178.0.0/15 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 210.180.0.0/14 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 210.204.0.0/14 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 210.216.0.0/13 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 211.32.0.0/11 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 211.104.0.0/13 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 211.112.0.0/13 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 211.168.0.0/13 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 211.176.0.0/12 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 211.192.0.0/12 -d 0.0.0.0/0
> #
> # script to deny access from at least a part of China Telecom
> #
> echo "Blocking part of China Telecom"
> /sbin/ipchains -A input -j DENY -p all -l -s  61.128.0.0/9 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 202.96.0.0/11 -d 0.0.0.0/0
> /sbin/ipchains -A input -j DENY -p all -l -s 210.72.0.0/13 -d 0.0.0.0/0
> #
> # script to deny access to my SMTP port
> #
> echo "Blocking and logging access to port 25, SMTP"
> /sbin/ipchains -A input -j DENY -p TCP -l -s 0.0.0.0/0 -d 0.0.0.0/0 25
> /sbin/ipchains -A input -j DENY -p UDP -l -s 0.0.0.0/0 -d 0.0.0.0/0 25
> #
> # script to deny and log probes on known trojan ports
> #
> echo "Blocking and logging probes on known trojan ports, 12345, 31337"
> # Netbus
> /sbin/ipchains -A input -j DENY -p TCP -l -s 0.0.0.0/0 -d 0.0.0.0/0 12345
> /sbin/ipchains -A input -j DENY -p UDP -l -s 0.0.0.0/0 -d 0.0.0.0/0 12345
> # Back Orifice
> /sbin/ipchains -A input -j DENY -p TCP -l -s 0.0.0.0/0 -d 0.0.0.0/0 31337
> /sbin/ipchains -A input -j DENY -p UDP -l -s 0.0.0.0/0 -d 0.0.0.0/0 31337

I hope this does not constitute your entire rule set ...
--
Regards
Luke
------
On the requirements it said: Windows 98 or better - so I installed Linux
------
http://www.bell-bird.com.au
PLEASE NOTE: Spamgard (tm) installed.

------

 
 
 

My Latest IPCHAINS Scripts: Comments Requested if I am in Error: Running Linux Mandrake 7.1

Post by Rick Mille » Fri, 23 Mar 2001 15:32:22



> #!/bin/bash




Personally, I wouldn't publish my firewall/ipchains/iptables/ipf etc,
etc, rules on a news group.  Let's hope this doesn't generate more work
for your firewall.
 
 
 

My Latest IPCHAINS Scripts: Comments Requested if I am in Error: Running Linux Mandrake 7.1

Post by Jean-Sebastien Morisse » Sat, 24 Mar 2001 03:53:05



> #!/bin/bash



> # script to deny connections from Korea
> #

[snip!]

You might want to look at <http://freshmeat.net/projects/rcf/> for
something a little more complete. :-)

LateR!
js.
--

Personal Homepage <http://jsmoriss.mvlan.net/>; UNIX, Internet,
Homebrewing, Cigars, PCS, PalmOS, CP2020 and other Fun Stuff...
This is Linux Country. On a quiet night you can hear Windows NT reboot!

 
 
 

My Latest IPCHAINS Scripts: Comments Requested if I am in Error: Running Linux Mandrake 7.1

Post by Felix Tille » Sat, 24 Mar 2001 11:54:10




> [snip!]
> You might want to look at <http://freshmeat.net/projects/rcf/> for
> something a little more complete. :-)  LateR!
> js.

Thank you for the reference.

Felix

 
 
 

1. Mandrake 7.1 and ip forwarding & ipchains

Having a problem in Mandrake 7.1 getting ip masquerading to work.  In 7.0,
it worked fine.  I'm using the same /etc/rc.d/rc.firewall I had before, to
no avail.  

Anybody having similar problems, or have gotten past them, or is anyone
successfully ip masquerading under Mdk 7.1?  And if so, how'd ya do it?

TIA,

- Tye

Tye W. Botting, PhD                 Northern Shaolin / Northern Praying Mantis

http://www.kungfu.cc/tye/                    Yang Style Taijiquan

 **[Remove the FOIL from my addresses to respond via e-mail.  DIE spam DIE!]

2. NTFS partition under SuSE Linux

3. linux mandrake 7.1 installation error?!? help!

4. getting 'more' to not count termcap formatting strings

5. RH 7.1 init.d ipchains script

6. BIND/DNS/named failure with 1.2.3

7. I am with the following error, when i am running lilo...

8. rlogin problems

9. Upgrade from Mandrake 7.0 (Air) to Mandrake 7.1 (Helium): Painless?

10. Mandrake 7.1 vs Mandrake 7.2 ?

11. Upgrade from Mandrake 7.0 (Air) to Mandrake 7.1 (Helium): Painless?

12. Whiich ids better Mandrake 7.1 or Slackware 7.1

13. Mandrake 7.1 vs Mandrake 7.2 ?