Welcome, Guest. Please login or register.
Did you miss your activation email?
Friday 15 November 2024, 01:30:38 am

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14255 Posts in 4377 Topics by 6515 Members
Latest Member: hulteends
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  Installation Support
| | |-+  How to ban IP in EFW Ver2.3
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: How to ban IP in EFW Ver2.3  (Read 53845 times)
jackyy2k1
Full Member
***
Offline Offline

Posts: 10


« on: Thursday 25 March 2010, 04:56:50 pm »

How to ban IP in EFW Ver2.3? I can't find the Network Banned IP address in Ver 2.3. Is it changed to be "Access Policies"? Thanks
Logged
whoiam55
Full Member
***
Offline Offline

Posts: 71



WWW
« Reply #1 on: Monday 29 March 2010, 11:20:06 pm »

We need some more information.

what type of ban you want to place on the IP? I mean do you want to ban an IP from your network to access internet? or you want to block an IP on internet so that your users can't connect to it?
Logged

सत्यमेव जयते!
gyp_the_cat
Full Member
***
Offline Offline

Posts: 81



WWW
« Reply #2 on: Tuesday 30 March 2010, 08:47:17 pm »

If you want a quick and easy "ban" Jackyy, try the following from the command line

Quote
iptables -A INPUT -s <IP Address here> -j DROP

But more information would be better as to what you're trying to achieve Smiley
Logged
blckz28
Jr. Member
*
Offline Offline

Posts: 2


« Reply #3 on: Thursday 06 May 2010, 03:05:59 am »

Well I might have the same question.  We used to have IPCop and had an add-on called Banish.  It allowed us to block public IP addresses from accessing our network at the firewall level.  We mainly used it when somebody would try a brute force attack on our ftp sites.  All I had to do was enter the IP address the attack was coming from and the firewall would block them.  Is there any way to achieve this in Endian?

-also note I'm not a Linux guru, is the iptables command the way to go?  Would there be a way to do it with a firewall rule?

Thanks
Logged
vlongjvc
Full Member
***
Offline Offline

Posts: 27


« Reply #4 on: Friday 07 May 2010, 11:58:41 am »

Just want to share my experience, you can drop multiple IP addresses by creating a Destination NAT rule:

- Access from:
x.x.x.x/32
x.x.x.x/32
.....
x.x.x.x/32

- Target:
<ANY Uplink>

- Filter policy:
DROP

- Service:
<ANY>
- Protocol:
<ANY>
Logged
blckz28
Jr. Member
*
Offline Offline

Posts: 2


« Reply #5 on: Wednesday 12 May 2010, 05:10:17 am »

Just want to share my experience, you can drop multiple IP addresses by creating a Destination NAT rule:

- Access from:
x.x.x.x/32
x.x.x.x/32
.....
x.x.x.x/32

- Target:
<ANY Uplink>

- Filter policy:
DROP

- Service:
<ANY>
- Protocol:
<ANY>

Thanks vlongjvc, I'll give it a try.

Logged
jackyy2k1
Full Member
***
Offline Offline

Posts: 10


« Reply #6 on: Tuesday 14 September 2010, 08:31:08 pm »

It's not working... any other alternative to banned IP address in EFW 2.3? I have no problem with V2.2 but not 2.3. Thanks.
Logged
AussieBloke
Full Member
***
Offline Offline

Gender: Male
Posts: 37



« Reply #7 on: Tuesday 22 February 2011, 04:01:40 pm »

You can make a general IP ban list. You need to go to Port forwarding / Destination NAT

1. create a new rule
2. Click on the advanced mode
3. Incoming IP: Type: Zone/VPN/Upllink. Select Uplink main - IP:All known.
3. Incoming service port, Service: Any, Port: Any.
4. In the Translate To section set Type: IP, Insert IP: leave blank, NAT: NAT

Access From Section.
Source Type: Network/IP/Range
Filter Policy: Drop
In the Network UP's box, enter a single IPor IP CIDR. eg 61.144.2.10 or 61.144.0.0/14

Check the enabled box. In the comment section type Blocked Incoming IP's

Make the position first.
It is important the rule is the first one, else the precending rules will overide the block.

If you a list of country and/or IP CIR go to www countryipblocks net
Logged
Nick57
Jr. Member
*
Offline Offline

Posts: 6

OFF


« Reply #8 on: Saturday 18 June 2011, 12:24:03 am »

Thanks very much, I was wondering how to give some comments on each row of blocked IP range, I am used of CSF there it is possible to do as follow;

222.0.0.0/8  # China - do not delete

# China - hacking website of customer!

* the - do not delete refers to when flushing everything still keep this rule.


Logged
bozzen
Jr. Member
*
Offline Offline

Posts: 5


« Reply #9 on: Wednesday 28 June 2017, 02:48:07 am »

Thanks ..

If you want to block certain countries like China ( who's trying to brute force all services all the time !! Angry ) then this site is usefull to find all ip ranges Smiley

URL : www . countryipblocks . net / country_selection.php
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.094 seconds with 17 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com