From mboxrd@z Thu Jan 1 00:00:00 1970
From: Georgi Alexandrov
Subject: Re: Route block CONNECT requisitions for apache
Date: Sun, 27 Nov 2005 16:07:14 +0200
Message-ID: <4389BD92.2040908@gmail.com>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Sender: netfilter-bounces@lists.netfilter.org
Errors-To: netfilter-bounces@lists.netfilter.org
Content-Type: text/plain; charset="us-ascii"; format="flowed"
To: netfilter@lists.netfilter.org

Leonardo Marques wrote:

>Hello,
>
>I have an Apache webserver behind an iptables firewall, and some people
>are trying to abuse my server, probably for spam. I have this
>information in the Apache log:
>
>219.80.160.238 - - [27/Nov/2005:08:56:13 -0200] "CONNECT 64.161.246.99:25 HTTP/1.0" 200 6446
>
>I have a lot of these lines, with some different IPs; I have already
>blocked all those IPs.
>
>I want to create a rule that blocks all connections of that type. Does
>anyone know how I can do it?
>
>The idea is more or less this:
>
>"everything which comes to the http_port which contains 'connect type
>connections' must be denied or dropped"
>

What's the point in doing this? Those do no harm to your system.
Or do you like to complicate your life as much as possible and then say:
"Oh, security isn't for everyone, but I'm managing somehow!"
Perhaps you should leave those and deal with something more useful.

regards,
Georgi Alexandrov
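
A way to take stock of the log entries described in the question, as an added example that is not part of the original thread: it parses Common Log Format lines, extracts the CONNECT requests, and flags those answered with a 2xx status so the server's proxy configuration can be checked. The first sample line is the entry quoted above; the other log lines, the function names and the `review` field are constructed for illustration.

```python
import re
from collections import Counter

# Common Log Format: host ident user [time] "request" status bytes
CLF = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: (?P<proto>[^"]*))?" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
)

# First line is the entry quoted in the thread; the rest are constructed.
SAMPLE_LOG = """\
219.80.160.238 - - [27/Nov/2005:08:56:13 -0200] "CONNECT 64.161.246.99:25 HTTP/1.0" 200 6446
192.0.2.10 - - [27/Nov/2005:08:57:01 -0200] "GET /index.html HTTP/1.1" 200 6446
198.51.100.7 - - [27/Nov/2005:09:02:44 -0200] "CONNECT 203.0.113.5:25 HTTP/1.0" 405 312
198.51.100.7 - - [27/Nov/2005:09:02:50 -0200] "CONNECT 203.0.113.5:25 HTTP/1.0" 405 312
this line is malformed and must be skipped
"""

def connect_attempts(log_text):
    """Return one dict per CONNECT request found in the log text."""
    hits = []
    for line in log_text.splitlines():
        m = CLF.match(line)
        if not m or m["method"] != "CONNECT":
            continue
        host, _, port = m["target"].rpartition(":")
        status = int(m["status"])
        hits.append({
            "src": m["src"],
            "dest_host": host or m["target"],
            "dest_port": int(port) if host and port.isdigit() else None,
            "status": status,
            # 2xx alone does not prove relaying; flag it to check proxy settings.
            "review": 200 <= status < 300,
        })
    return hits

def summarize(hits):
    """Count attempts per source and list sources with entries to review."""
    per_src = Counter(h["src"] for h in hits)
    to_review = sorted({h["src"] for h in hits if h["review"]})
    return per_src, to_review

if __name__ == "__main__":
    per_src, to_review = summarize(connect_attempts(SAMPLE_LOG))
    print("CONNECT requests per source:", dict(per_src))
    print("2xx responses to review:", ", ".join(to_review) or "none")
```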