From owner-freebsd-questions@FreeBSD.ORG Sun Jun 11 14:12:03 2006 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CF4E016A41B for ; Sun, 11 Jun 2006 14:12:03 +0000 (UTC) (envelope-from fbsd@a1poweruser.com) Received: from mta13.adelphia.net (mta13.mail.adelphia.net [68.168.78.44]) by mx1.FreeBSD.org (Postfix) with ESMTP id 45C8C43D45 for ; Sun, 11 Jun 2006 14:12:03 +0000 (GMT) (envelope-from fbsd@a1poweruser.com) Received: from barbish ([70.39.69.56]) by mta13.adelphia.net (InterMail vM.6.01.05.02 201-2131-123-102-20050715) with SMTP id <20060611141202.HPLN10985.mta13.adelphia.net@barbish>; Sun, 11 Jun 2006 10:12:02 -0400 From: "fbsd" To: "Dan Mahoney, System Admin" , Date: Sun, 11 Jun 2006 10:11:57 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) In-Reply-To: <20060611083416.A86148@prime.gushi.org> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1478 Importance: Normal Cc: Subject: RE: Deny large number of IPs via ipfw X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: fbsd@a1poweruser.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 Jun 2006 14:12:03 -0000 Using such an list of ip address from a major rbl is flawed at the core of the idea. Over 85% of those 3 million ip address are spoofed in the first place. Most are what would be called false positives. Reread the info at the source cbl.abuseat.org it says the data is not intended to be used the way you are trying to use it. You really need to rethink what you are doing. -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Dan Mahoney, System Admin Sent: Sunday, June 11, 2006 8:36 AM To: questions@freebsd.org Subject: Deny large number of IPs via ipfw Hey all, I've got a file that I just synced from a major RBL, and I'd like to just use it to globally deny access to my system. Is there an easy way to do this within ipfw -- the file is about 3 *million* lines, and is from cbl.abuseat.org. -Dan -- "SOY BOMB!" -The Chest of the nameless streaker of the 1998 Grammy Awards' Bob Dylan Performance. --------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org --------------------------- _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"