DSM-G600, DNS-3xx and NSA-220 Hack Forum

Unfortunately no one can be told what fun_plug is - you have to see it for yourself.

You are not logged in.

Announcement

#1 2009-05-12 21:30:16

vrobi
New member
Registered: 2009-05-12
Posts: 3

iptables

Hi

plz someone help i need iptables app my dns-313
because it is constantly attak my nas chines proxy.
And i need ipblock app.

Thank you in advance

Offline

 

#2 2009-05-13 11:01:38

smiltz
New member
Registered: 2009-05-13
Posts: 1

Re: iptables

Hi, I wrote a simple PERL script with a loop that every minute read /var/log/messages file and for each IP taht fails to login, it run a "route reject" command
Thi is the PERL script, I named it parser.pl
Change xxx.xxx.xxx.xxx and yyy.yyy.yyy.yyy with some ip that you won't reject (eg. internal lan ips and office gateway)

--------------------------------------------------------------------------------------
#!/ffp/bin/perl

use warnings;
LOOP1:
open(F,"/var/log/messages") or die($!);
my %ips;
while(<F>)
{
    if ($_ =~ /(\d+\.\d+\.\d+\.\d+)/)
    {
        $ip = $1;
        if ($_ =~ /Failed password/)
        {
            if (($ip =~ /xxx.xxx.xxx.xxx/) || ($ip =~ /yyy.yyy.yyy.yyy/))
            {
            }
            else
            {
                $cmd = "route add -host " . $ip . " reject";
                system $cmd;
            }
        }
    else
    {
        next;
    }
    }
}
close(F);

sleep 60;
goto LOOP1;
--------------------------------------------------------------------------------------

Than I start that PERL script with:

nohup perl /ffp/start/parser.pl 2> /dev/null > /dev/null &

Have fun

A.

Last edited by smiltz (2009-05-13 11:04:02)

Offline

 

#3 2009-05-13 13:42:03

vrobi
New member
Registered: 2009-05-12
Posts: 3

Re: iptables

thank you very much

Offline

 

#4 2009-08-10 02:38:12

Len0X
New member
Registered: 2009-08-10
Posts: 4

Re: iptables

Hi all


if you want to block specific IP from NAT .... other
let's try 192.168.1.120



1. telnet device
Code:

vi /mnt/HD_a2/fun_plug

press o
add at the end
Code:

route add -host 192.168.1.200 reject

press Esc
press :
press w
press Enter
press :
press q!
press Enter

###done###
restart

check the result
Code:

route

should be new line:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.200   *               255.255.255.255 !H    0      0        0 *

%%%%%%%DONE%%%%%
thank to morsik / http://forum.fedora.pl/

Last edited by Len0X (2009-08-10 02:38:49)

Offline

 

Board footer

Powered by PunBB
© Copyright 2002–2010 PunBB