Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Blocking client based on HTTP request
3 views
Skip to first unread message
Sandman
May 24, 2013, 9:07:35 AM5/24/13
to
So, as my other thread may suggest, I have problems with users flooding
my server with requests for /wpad.dat
Is there an easy way to use iptables to trigger on those requests and
then add the IP to a blacklist?
--
Sandman[.net]
my server with requests for /wpad.dat
Is there an easy way to use iptables to trigger on those requests and
then add the IP to a blacklist?
--
Sandman[.net]
Message has been deleted
Sandman
May 24, 2013, 3:11:26 PM5/24/13
to
In article <bto47a-...@llondel.org>,
David Hough <noone$$@llondel.org> wrote:
> Try fail2ban <http://www.fail2ban.org> as one possible candidate.
>
> I've not yet tried to use it but it's on my to-do list.
I looked at it earlier, it seems to be a clinet/server (why?) solution
to add rules to iptables.
I did that myself instead by using a script to parse the last 1000
rows of the httpd log file, find the unique hosts that are requesting
the wpad.dat file and thern adding them to a blacklist file, and then
add them to an iptable block.
The file now contain 4802 unique spamming hosts, and I'm a bit worried
about iptables being too burdoned by so many firewall rules.
--
Sandman[.net]
David Hough <noone$$@llondel.org> wrote:
>
> I've not yet tried to use it but it's on my to-do list.
I looked at it earlier, it seems to be a clinet/server (why?) solution
to add rules to iptables.
I did that myself instead by using a script to parse the last 1000
rows of the httpd log file, find the unique hosts that are requesting
the wpad.dat file and thern adding them to a blacklist file, and then
add them to an iptable block.
The file now contain 4802 unique spamming hosts, and I'm a bit worried
about iptables being too burdoned by so many firewall rules.
--
Sandman[.net]
0 new messages