Unfortunately no one can be told what fun_plug is - you have to see it for yourself.
You are not logged in.
Hi
plz someone help i need iptables app my dns-313
because it is constantly attak my nas chines proxy.
And i need ipblock app.
Thank you in advance
Offline
Hi, I wrote a simple PERL script with a loop that every minute read /var/log/messages file and for each IP taht fails to login, it run a "route reject" command
Thi is the PERL script, I named it parser.pl
Change xxx.xxx.xxx.xxx and yyy.yyy.yyy.yyy with some ip that you won't reject (eg. internal lan ips and office gateway)
--------------------------------------------------------------------------------------
#!/ffp/bin/perl
use warnings;
LOOP1:
open(F,"/var/log/messages") or die($!);
my %ips;
while(<F>)
{
if ($_ =~ /(\d+\.\d+\.\d+\.\d+)/)
{
$ip = $1;
if ($_ =~ /Failed password/)
{
if (($ip =~ /xxx.xxx.xxx.xxx/) || ($ip =~ /yyy.yyy.yyy.yyy/))
{
}
else
{
$cmd = "route add -host " . $ip . " reject";
system $cmd;
}
}
else
{
next;
}
}
}
close(F);
sleep 60;
goto LOOP1;
--------------------------------------------------------------------------------------
Than I start that PERL script with:
nohup perl /ffp/start/parser.pl 2> /dev/null > /dev/null &
Have fun
A.
Last edited by smiltz (2009-05-13 11:04:02)
Offline
Hi all
if you want to block specific IP from NAT .... other
let's try 192.168.1.120
1. telnet device
Code:
vi /mnt/HD_a2/fun_plug
press o
add at the end
Code:
route add -host 192.168.1.200 reject
press Esc
press :
press w
press Enter
press :
press q!
press Enter
###done###
restart
check the result
Code:
route
should be new line:
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.200 * 255.255.255.255 !H 0 0 0 *
%%%%%%%DONE%%%%%
thank to morsik / http://forum.fedora.pl/
Last edited by Len0X (2009-08-10 02:38:49)
Offline