From: Phil Howard <phil-netfilter@ipal.net>
To: netfilter mailing list <netfilter@lists.netfilter.org>
Subject: Re: how to block 10000's of addresses?
Date: Sun, 13 Oct 2002 09:56:28 -0500 [thread overview]
Message-ID: <20021013095628.D15824@hamal.ipal.net> (raw)
In-Reply-To: <Pine.LNX.4.44.0210130946230.16584-100000@localhost.localdomain>; from rpjday@mindspring.com on Sun, Oct 13, 2002 at 09:47:56AM -0400
On Sun, Oct 13, 2002 at 09:47:56AM -0400, Robert P. J. Day wrote:
| On Sun, 13 Oct 2002, Phil Howard wrote:
|
| > On Sun, Oct 13, 2002 at 01:10:23PM +0100, Antony Stone wrote:
| >
| > | On Sunday 13 October 2002 12:50 pm, Phil Howard wrote:
| > |
| > | > I would like to know how best to block 10000's of addresses using
| > | > netfilter. Clearly I do not want to be placing 10000's of individual
| > | > filter table entries in.
| > |
| > | Sounds like an incompatible set of requirements. If you want to block 10000
| > | addresses (and assuming they don't fit into contiguous network ranges) then
| > | you need 10000 rules to be able to specify what you want to block.
| >
| > They in fact are 10000+ different netblocks.
|
| can you perhaps explain just a bit of the rationale for what
| you're doing? it's not often that one has to block that many
| independent, non-related IP addresses. just curious. i mean,
| if it were just for filtering SPAM, you could use other tools.
The initial inspiration is for filtering spam. But I can see other
uses, and am looking at this for broader re-usable purposes which
would be initially deployed to filter spamming servers.
What other tools are you referring to? Currently I use tools that
work in an SMTP daemon of my MTA to refuse mail. But I am wanting
to go beyond that, especially considering some places just keep
pounding on SMTP to deliver spam despite getting permanent 5XX
rejections of months or even a couple years. Are there other tools
you are thinking of besides this?
--
-----------------------------------------------------------------
| Phil Howard - KA9WGN | Dallas | http://linuxhomepage.com/ |
| phil-nospam@ipal.net | Texas, USA | http://ka9wgn.ham.org/ |
-----------------------------------------------------------------
next prev parent reply other threads:[~2002-10-13 14:56 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-10-13 11:50 how to block 10000's of addresses? Phil Howard
2002-10-13 12:10 ` Antony Stone
2002-10-13 13:00 ` Phil Howard
2002-10-13 13:13 ` Thomas Lussnig
2002-10-13 13:45 ` Phil Howard
2002-10-13 13:47 ` Robert P. J. Day
2002-10-13 14:56 ` Phil Howard [this message]
2002-10-13 16:25 ` Robert P. J. Day
2002-10-13 22:05 ` Phil Howard
2002-10-13 13:53 ` Antony Stone
2002-10-13 15:10 ` Phil Howard
2002-10-13 15:41 ` Antony Stone
2002-10-13 16:40 ` Thomas Lussnig
2002-10-13 17:25 ` Thomas Heinz
2002-10-13 17:42 ` Thomas Heinz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20021013095628.D15824@hamal.ipal.net \
--to=phil-netfilter@ipal.net \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.