var sidebar_align = 'right';
var content_container_margin = parseInt('350px');
var sidebar_width = parseInt('330px');
How to Block a Block of IP'S
I'm currently experiencing a lot of IP's starting with 200 and 201 (from Brazil) some IP’s have over 200 connections. I have APF installed and want to know how to block a block on ip's if this is possible.
Thanks in advance
Check out the deny_hosts.rules file in APF usually found at /etc/apf/deny_hosts.rules
You can put single IPs in that file, or an IP mask. For example you could add 188.8.131.52/16 to that file to block all of 200.11 and therefore you would be blocking 65534 IPs.
I would not recommend a /16 block though, try and find the offending /24 subnets and add them into this file as each /24 will only block 254 IPs.
Use the CIDR/Netmask test on http://www.dnsstuff.com/ to figure out specific netmasks.
After adding the IP ranges to that file, if you restart APF with a 'service apf restart', the block will take effect.
apf -d IP will automatically add it to the deny file. Also then there is no need for restarting apf.
From Following steps you can block an IP
A) /etc/apf/apf -d IP Reason
–> The -d flag means DENY the IP address
–> IP is the IP address you wish to block
–> Reason is comments to why the IP is being blocked
./apf -d 2184.108.40.206 TESTING
Shows the following:
# added 2220.127.116.11 on 08/23/05 01:25:55
B) pico /etc/apf/deny_hosts.rules
You can then just add a new line and enter the IP you wish to block. Before this becomes active though you’ll need to reload the APF ruleset.