Thursday, April 11, 2013

block china CIDR please!

for too many days i have been dealing with china as spammer as the get some info of our users so block this ip's have been annoying i have set up a persiste file with this guys but i have just found a web page with CIDR of china so i uploaded this on pf

pfctl -tdammed-hosts -Tadd ==myscrypt==

i use simple perl to get rid of all of the useless information as the file format it is:

#chinese net blocks CIDR
#http://www.okean.com/chinacidr.txt
#send comments, corrections, and additions to: comments20111127@okean.com
#last updated 2013.03.27 0858 PST (UTC -8)
1.0.1.0/24  China
1.0.2.0/23  China
1.0.8.0/21  China
1.0.32.0/19  China
...


so with the scrypt i eliminate all but 1.0.1.0/24 this goes to screen so i just used $(scrypt) to populate pf table





here is the web:

http://okean.com/asianspamblocks.html



here is the scrypt:

dont blame me am not a programmer }:)




#!/usr/sbin/perl


use strict;


use warnings;




open(myFH, $ARGV[0]);


foreach my $line (<myFH>){


 chomp$(line);


 my @val = split(' ', $line);


 print "$val[0]\n";


}


close(myFH);


of course no secury added to the scrypt as it is for my personal and for this situation but it works i have populated 2638 blocks for the pf table 










Posted by



at







































No comments:















Post a Comment


















        

      









Subscribe to:
Post Comments (Atom)