goto LDENY;
}
+%BADGUYS = `cat /etc/firewall/badguys | grep -v '^#'`
+
#####################################################################
# Deal with known offenders right away
# Make difference between notorious ones and unusual ones
chain badguys {
-
- saddr(
- # Mailbombing nion's email
- 152.163.210.178
- 205.188.135.170
- 64.12.187.193
-
- # Executed nion's CGI script 400,000 times
- 24.186.165.67
-
- # docelic, Wed Aug 3 04:18:56 EDT 2005
- # Trying out new server with all kinds of usernames on ssh
- # (All of those seem to be from the same "mastermind")
- 211.48.20.153
- 62.36.240.114
- 62.75.240.62
- 210.204.193.1
- 84.26.59.170
- # docelic, Sun Aug 21 01:29:10 EDT 2005
- 63.76.235.2
- 80.48.31.252
- 220.194.55.126
- 163.26.229.131
- 201.6.223.150
- 64.34.171.56
- 82.177.98.1
- 61.185.219.23
- 62.62.224.184
- 212.0.107.141
- 60.248.227.34
- 63.246.10.45
- # docelic, Sun Aug 21 22:14:15 EDT 2005
- 210.184.124.11
- 210.238.188.155
- 63.247.76.10
-
- # Log says reverse mapping failed for this address
- # (hundreds of entries)
- 114.67.19.241
- ) {
- DROP;
- }
+ saddr %BADGUYS DROP;
}
#####################################################################