www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
 SearchSearch  RegisterRegister  UsergroupsUsergroups 
 ProfileProfile  Log inLog in  Log in to check your private messagesPrivate Message 

block IP importing a list

 
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> Firewall, Traffic Shaping and Net Balancer
View previous topic :: View next topic  
Author Message
pgbuz



Joined: 05 Aug 2016
Posts: 38

PostPosted: Wed Oct 25, 2017 6:50 pm    Post subject: block IP importing a list Reply with quote

I'm attacked to my pbx from 2 months and already blocked 100 IP (2-3 daily). I have dynamic ip on some clients so I cannot authorize to pass only some fix IP. My solution can be permit only some country ip. On the net I can generate the contry IP list to permit or deny, but are too much IP to upload manually in zeroshell firewall. How can I do?
Back to top
View user's profile Send private message
Montikore



Joined: 19 Jan 2016
Posts: 64

PostPosted: Thu Oct 26, 2017 8:54 am    Post subject: Reply with quote

you can create firewall rules (given that your firewall is in drop mode) who accept everything which does match the protocol you use (not sure it's possible in your case though) or rules who accept packets based on "Layer 7 filters".
I guess you want only VoIP to work? In this case, a few rules with layer 7 inspection are needed. I'm using it for QOS, but not sure it will fit all your needs : add accept rules for SIP, H323, Ventrilo, Teamspeak, Skypeout, skypetoskype.
Back to top
View user's profile Send private message
pgbuz



Joined: 05 Aug 2016
Posts: 38

PostPosted: Thu Oct 26, 2017 7:35 pm    Post subject: Reply with quote

My problem is not have only VOIP to work, my problem is that each day I have 3 new IP that attack my pbx to try to use it. So I cannot block voip service but I can just block by drop the IP that make the attack. I already inserted 100 IP and each day are 2-3 new! I have to go on manually for all my life? And how many rule max I can insert in zeroshell firewall? If I have my voip clients in 2 countries I thought that I can authorize on port 5060 only the ip of this 2 country, but are hundred of IP and cannot upload all manually. For this I'm looking for upload rule in some way from a list!!! a simple Linux server make this, zeroshell no? My voip clients have dynamic IP so I cannot solve just with their Ip authorization.
Back to top
View user's profile Send private message
Montikore



Joined: 19 Jan 2016
Posts: 64

PostPosted: Fri Oct 27, 2017 9:24 am    Post subject: Reply with quote

zeroshell being a linux server, you can do what you're used to using the command line
Back to top
View user's profile Send private message
pgbuz



Joined: 05 Aug 2016
Posts: 38

PostPosted: Fri Oct 27, 2017 7:01 pm    Post subject: Reply with quote

Multumesc for not help me Montikore
Back to top
View user's profile Send private message
Montikore



Joined: 19 Jan 2016
Posts: 64

PostPosted: Mon Oct 30, 2017 1:34 pm    Post subject: Reply with quote

Shocked i tried to...

pgbuz wrote:
a simple Linux server make this, zeroshell no?


you're not able to manage what you're speaking about? so now, after reading you, i won't help you... behave yourself.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> Firewall, Traffic Shaping and Net Balancer All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group