Re: [qmailtoaster] Block incoming mail IP range

[Tony White]

This is the script I have been using...

examples
at the cli ...

blockip 192.168.1.26
or
blockip 192.168.0.0/16
or
blockip 192.168.1.0/24

works immediately and creates a rc.blockedips file for use on reboot
to reinstate the currently blocked ip's.

-- snip blockip -----
#!/bin/bash
logf="/var/log/blockip.log"
mdate=`date +%c`
mip=$1
### must be root ###
if [ `whoami` != "root" ]; then
        echo ""
        echo "$0 must be run as root"
        echo ""
        exit 1
fi;

export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
is_ip="grep -Ec 
'^[1-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9](\/[0-3]?[0-9])?$'"

if [ `echo $1 |eval $is_ip` != "1" ]; then
  echo "$mdate Error in IP address $1" >> $logf
  echo "$mdate Error in IP address $1"
else
  iptables -I INPUT -s $1 -j DROP
  echo "iptables -I INPUT -s $1 -j DROP" >> /etc/rc.d/rc.blockedips
  echo "$mdate now dropping all packets from $1" >> $logf
fi;

-- end snip ----


On 4/08/2014 18:22, ChandranManikandan wrote:

Hi Ravi,
Use in IPTABLES to block it.


On Mon, Aug 4, 2014 at 2:41 PM, Linux <li...@ikf.co.in 
<mailto:li...@ikf.co.in>> wrote:

    Hi,

    Please guide, How to block range of IP's for incoming mail?

    IP: 209.85.xxx.xxx

    Thanks,

    Ravi




--
*/Thanks & Best Regards,
Manikandan.C
/*