Title: How to ban IP in EFW Ver2.3 Post by: jackyy2k1 on Thursday 25 March 2010, 04:56:50 pm How to ban IP in EFW Ver2.3? I can't find the Network Banned IP address in Ver 2.3. Is it changed to be "Access Policies"? Thanks
Title: Re: How to ban IP in EFW Ver2.3 Post by: whoiam55 on Monday 29 March 2010, 11:20:06 pm We need some more information.
what type of ban you want to place on the IP? I mean do you want to ban an IP from your network to access internet? or you want to block an IP on internet so that your users can't connect to it? Title: Re: How to ban IP in EFW Ver2.3 Post by: gyp_the_cat on Tuesday 30 March 2010, 08:47:17 pm If you want a quick and easy "ban" Jackyy, try the following from the command line
Quote iptables -A INPUT -s <IP Address here> -j DROP But more information would be better as to what you're trying to achieve :) Title: Re: How to ban IP in EFW Ver2.3 Post by: blckz28 on Thursday 06 May 2010, 03:05:59 am Well I might have the same question. We used to have IPCop and had an add-on called Banish. It allowed us to block public IP addresses from accessing our network at the firewall level. We mainly used it when somebody would try a brute force attack on our ftp sites. All I had to do was enter the IP address the attack was coming from and the firewall would block them. Is there any way to achieve this in Endian?
-also note I'm not a Linux guru, is the iptables command the way to go? Would there be a way to do it with a firewall rule? Thanks Title: Re: How to ban IP in EFW Ver2.3 Post by: vlongjvc on Friday 07 May 2010, 11:58:41 am Just want to share my experience, you can drop multiple IP addresses by creating a Destination NAT rule:
- Access from: x.x.x.x/32 x.x.x.x/32 ..... x.x.x.x/32 - Target: <ANY Uplink> - Filter policy: DROP - Service: <ANY> - Protocol: <ANY> Title: Re: How to ban IP in EFW Ver2.3 Post by: blckz28 on Wednesday 12 May 2010, 05:10:17 am Just want to share my experience, you can drop multiple IP addresses by creating a Destination NAT rule: - Access from: x.x.x.x/32 x.x.x.x/32 ..... x.x.x.x/32 - Target: <ANY Uplink> - Filter policy: DROP - Service: <ANY> - Protocol: <ANY> Thanks vlongjvc, I'll give it a try. Title: Re: How to ban IP in EFW Ver2.3 Post by: jackyy2k1 on Tuesday 14 September 2010, 08:31:08 pm It's not working... any other alternative to banned IP address in EFW 2.3? I have no problem with V2.2 but not 2.3. Thanks.
Title: Re: How to ban IP in EFW Ver2.3 Post by: AussieBloke on Tuesday 22 February 2011, 04:01:40 pm You can make a general IP ban list. You need to go to Port forwarding / Destination NAT
1. create a new rule 2. Click on the advanced mode 3. Incoming IP: Type: Zone/VPN/Upllink. Select Uplink main - IP:All known. 3. Incoming service port, Service: Any, Port: Any. 4. In the Translate To section set Type: IP, Insert IP: leave blank, NAT: NAT Access From Section. Source Type: Network/IP/Range Filter Policy: Drop In the Network UP's box, enter a single IPor IP CIDR. eg 61.144.2.10 or 61.144.0.0/14 Check the enabled box. In the comment section type Blocked Incoming IP's Make the position first. It is important the rule is the first one, else the precending rules will overide the block. If you a list of country and/or IP CIR go to www countryipblocks net Title: Re: How to ban IP in EFW Ver2.3 Post by: Nick57 on Saturday 18 June 2011, 12:24:03 am Thanks very much, I was wondering how to give some comments on each row of blocked IP range, I am used of CSF there it is possible to do as follow;
222.0.0.0/8 # China - do not delete # China - hacking website of customer! * the - do not delete refers to when flushing everything still keep this rule. Title: Re: How to ban IP in EFW Ver2.3 Post by: bozzen on Wednesday 28 June 2017, 02:48:07 am Thanks ..
If you want to block certain countries like China ( who's trying to brute force all services all the time !! >:( ) then this site is usefull to find all ip ranges :) URL : www . countryipblocks . net / country_selection.php |