Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Block ip csf
Top Forums Programming Open Source Block ip csf Post 302976834 by jim mcnamara on Wednesday 6th of July 2016 07:21:55 PM
Old 07-06-2016
Please tell us if this is what you want:
Block (blacklist) ip address for 15 minutes. Then restore it (remove from blacklist).

How do you intend to trigger this event? In other words, what has to happen to make the program or script blacklist an ip address?
This User Gave Thanks to jim mcnamara For This Post:
mnnn
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

How csf &apf work ?

I would like to more about how csf &apf firewalls work ? how they use iptables right ? why we need to use them when we got iptables ?:confused: (0 Replies)
Discussion started by: nitin09
0 Replies

2. Shell Programming and Scripting

how to append a block of statements after another block in the file

Hi I need to append the following block of statements in the middle of the file: # openpipe tsdbdwn2 set -x exec >> /tmp/tsdbdwn2.fifo 2>&1 # This needs to be appended right after another block of statements: if test $# -eq 0 ;then echo "Safety check - do you really wish to run" $0 "... (5 Replies)
Discussion started by: aoussenko
5 Replies

3. UNIX for Advanced & Expert Users

Deciding whether to get a buffer cache block or inode block

I was reading a book on UNIX internals "The design of the UNIX Operating system." There are two memory structures that are confusing me: 1) Buffer cache 2) Inode cache My questions are 1) Does a process get both buffer cache and Indoe cache allocated when it opens/creates a file? 2) if no,... (1 Reply)
Discussion started by: sreeharshasn
1 Replies

4. Shell Programming and Scripting

Reading block by block in XML

Hi , Can you pleas help me with below requirement? There is only one big line in the file. I need to parse block by block(particular tag values, 'Val' in below case) to get different parameters. Example:- Portion of the Input string:- <?xml version="1.1" encoding="UTF-8"?> <Data><Val ... (4 Replies)
Discussion started by: kmajumder
4 Replies

5. Shell Programming and Scripting

Grepping text block by block by using for loop

Hei buddies, Need ur help once again. I have a file which has bunch of lines which starts from a fixed pattern and ends with another fixed pattern. I want to make use of these fixed starting and ending patterns to select the bunch, one at a time. The input file is as follows. Hi welcome... (12 Replies)
Discussion started by: anushree.a
12 Replies

6. UNIX for Advanced & Expert Users

Move a block of lines to file if string found in the block.

I have a "main" file which has blocks of data for each user defined by tags BEGIN and END. BEGIN ID_NUM:24879 USER:abc123 HOW:47M CMD1:xyz1 CMD2:arp2 STATE:active PROCESS:id60 END BEGIN ID_NUM:24880 USER:def123 HOW:4M CMD1:xyz1 CMD2:xyz2 STATE:running PROCESS:id64 END (7 Replies)
Discussion started by: grep_me
7 Replies

7. Shell Programming and Scripting

Printing a block of lines from a file, if that block does not contain two patterns using sed

I want to process a file block by block using sed, and if that block does not contain two patterns, then that complete block has to be printed. See below for the example data. ................................server 1............................... running process 1 running... (8 Replies)
Discussion started by: Kesavan
8 Replies

8. Cybersecurity

When i start CSF i cant connect VPS or download any data into it It appears i cant connect Linux VP?

It appears i cant connect linux VPS server via SSH or i cant SCP any file to it and i cant wget any file TO it (from inside it) while CSF (Config Server Firewall, LFD is running. Just after isntall in default configuration and after changing TESTING mode to LIVE mode. Trying to wget & install... (1 Reply)
Discussion started by: postcd
1 Replies

9. Shell Programming and Scripting

Get values block by block in same file

I have a file say "SAMPLE.txt" with following content, P1 10,9:6/123456 P2 blah blah P1 10,9:5/98765 P2 blah blah P1 blah blah P2 I want a output file say "RESULT.txt" as, Value1:123456 Value2:98765 Value3:NULL (17 Replies)
Discussion started by: garvit184
17 Replies

10. UNIX for Dummies Questions & Answers

Add a block of code at the end of a specific block

I need to search for a block with the starting pattern say "tabId": "table_1", and ending pattern say "]" and then add a few lines before "]" "block1":"block_111" "tabId": "table_1", "title":"My title" ..... .... }] how do I achieve it using awk and sed. Thanks, Lakshmi (3 Replies)
Discussion started by: Lakshmikumari
3 Replies

LEARN ABOUT DEBIAN

shorewall6-blacklist

SHOREWALL6-BLACKLIS(5)						  [FIXME: manual]					    SHOREWALL6-BLACKLIS(5)

NAME

       blacklist - shorewall6 Blacklist file

SYNOPSIS

       /etc/shorewall6/blacklist

DESCRIPTION

       The blacklist file is used to perform static blacklisting. You can blacklist by source address (IP or MAC), or by application.

       The columns in the file are as follows (where the column name is followed by a different name in parentheses, the different name is used in
       the alternate specification syntax).

       ADDRESS/SUBNET - {-|~mac-address|ip-address|address-range|+ipset}
	   Host address, network address, MAC address, IP address range (if your kernel and ip6tables contain iprange match support) or ipset name
	   prefaced by "+" (if your kernel supports ipset match). Exclusion (shorewall6-exclusion[1](5)) is supported.

	   MAC addresses must be prefixed with "~" and use "-" as a separator.

	   Example: ~00-A0-C9-15-39-78

	   A dash ("-") in this column means that any source address will match. This is useful if you want to blacklist a particular application
	   using entries in the PROTOCOL and PORTS columns.

       PROTOCOL (proto) - {-|protocol-number|protocol-name}
	   Optional - if specified, must be a protocol number or a protocol name from protocols(5).

       PORTS (port) - {-|port-name-or-number[,port-name-or-number]...}
	   May only be specified if the protocol is TCP (6), UDP (17), DCCP (33), SCTP (132) or UDPLITE (136). A comma-separated list of
	   destination port numbers or service names from services(5).

       OPTIONS - {-|{dst|src|whitelist|audit}[,...]}
	   Optional - added in 4.4.12. If specified, indicates whether traffic from ADDRESS/SUBNET (src) or traffic to ADDRESS/SUBNET (dst) should
	   be blacklisted. The default is src. If the ADDRESS/SUBNET column is empty, then this column has no effect on the generated rule.

	       Note
	       In Shorewall 4.4.12, the keywords from and to were used in place of src and dst respectively. Blacklisting was still restricted to
	       traffic arriving on an interface that has the 'blacklist' option set. So to block traffic from your local network to an internet
	       host, you had to specify blacklist on your internal interface in shorewall6-interfaces[2] (5).

	       Note
	       Beginning with Shorewall 4.4.13, entries are applied based on the blacklist setting in shorewall6-zones[3](5):

		1. 'blacklist' in the OPTIONS or IN_OPTIONS column. Traffic from this zone is passed against the entries in this file that have
		   the src option (specified or defaulted).

		2. 'blacklist' in the OPTIONS or OUT_OPTIONS column. Traffic to this zone is passed against the entries in this file that have the
		   dst option.
	   In Shorewall 4.4.20, the whitelist option was added. When whitelist is specified, packets/connections that match the entry are not
	   matched against the remaining entries in the file.

	   The audit option was also added in 4.4.20 and causes packets matching the entry to be audited. The audit option may not be specified in
	   whitelist entries and require AUDIT_TARGET support in the kernel and ip6tables.

       When a packet arrives on an interface that has the blacklist option specified in shorewall6-interfaces[4](5), its source IP address and MAC
       address is checked against this file and disposed of according to the BLACKLIST_DISPOSITION and BLACKLIST_LOGLEVEL variables in
       shorewall6.conf[5](5). If PROTOCOL or PROTOCOL and PORTS are supplied, only packets matching the protocol (and one of the ports if PORTS
       supplied) are blocked.

EXAMPLE

       Example 1:
	   To block DNS queries from address fe80::2a0:ccff:fedb:31c4:

		       #ADDRESS/SUBNET		  PROTOCOL	  PORT
		       fe80::2a0:ccff:fedb:31c4/  udp		  53

       Example 2:
	   To block some of the nuisance applications:

		       #ADDRESS/SUBNET	       PROTOCOL        PORT
		       -		       udp	       1024:1033,1434
		       -		       tcp	       57,1433,1434,2401,2745,3127,3306,3410,4899,5554,6101,8081,9898

FILES

       /etc/shorewall6/blacklist

SEE ALSO

       http://shorewall.net/blacklisting_support.htm

       http://shorewall.net/configuration_file_basics.htm#Pairs

       shorewall6(8), shorewall6-accounting(5), shorewall6-actions(5), shorewall6-hosts(5), shorewall6-interfaces(5), shorewall6-maclist(5),
       shoewall6-netmap(5),shorewall6-params(5), shorewall6-policy(5), shorewall6-providers(5), shorewall6-rtrules(5), shorewall6-routestopped(5),
       shorewall6-rules(5), shorewall6.conf(5), shorewall6-secmarks(5), shorewall6-tcclasses(5), shorewall6-tcdevices(5), shorewall6-tcrules(5),
       shorewall6-tos(5), shorewall6-tunnels(5), shorewall6-zones(5)

NOTES

	1. shorewall6-exclusion
	   http://www.shorewall.net/manpages6/shorewall6-exclusion.html

	2. shorewall6-interfaces
	   http://www.shorewall.net/manpages6/shorewall6-interfaces.html

	3. shorewall6-zones
	   http://www.shorewall.net/manpages6/shorewall-zones.html

	4. shorewall6-interfaces
	   http://www.shorewall.net/manpages6/shorewall-interfaces.html

	5. shorewall6.conf
	   http://www.shorewall.net/manpages6/shorewall.conf.html

[FIXME: source] 						    06/28/2012						    SHOREWALL6-BLACKLIS(5)
All times are GMT -4. The time now is 08:36 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy