Ian Mitchell ([EMAIL PROTECTED]) @ 2005.10.11 08:27:31 -0500:
> Yes yes, I know, that breaks the RFC. Well, if I wanted viruses from
> Chinese hackers, I'd let them in by following the RFC ;)
>
> Incase your curious...
>
> -A INPUT -s 58.0.0.0/254.0.0.0 -j DROP
> -A INPUT -s 60.0.0.0/254.0.0.0 -j DROP
> -A INPUT -s 59.0.0.0/255.0.0.0 -j DROP
> -A INPUT -s 202.0.0.0/254.0.0.0 -j DROP
> -A INPUT -s 210.0.0.0/254.0.0.0 -j DROP
> -A INPUT -s 218.0.0.0/254.0.0.0 -j DROP
> -A INPUT -s 220.0.0.0/254.0.0.0 -j DROP
> -A INPUT -s 222.0.0.0/255.0.0.0 -j DROP
>
> No more Asia.
... and no more Australia. (Which may not be what you intended.) For a
slightly more granular approach to this task, I suggest some of the
variations on the KRFILTER project.
http://www.hakusan.tsg.ne.jp/tjkawa/lib/krfilter/index-e.jsp
....Sean
--
Sean Ware Midway Amusement Games, LLC
Senior Network Engineer 2727 W. Roscoe Street
Information Technology Department Chicago, IL 60618-5909
[EMAIL PROTECTED] (773) 961-2000
_______________________________________________
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
[email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
