block IP importing a list

This topic contains 4 replies, has 0 voices, and was last updated by  pgbuz 1 year ago.

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #44885

    pgbuz
    Participant

    I’m attacked to my pbx from 2 months and already blocked 100 IP (2-3 daily). I have dynamic ip on some clients so I cannot authorize to pass only some fix IP. My solution can be permit only some country ip. On the net I can generate the contry IP list to permit or deny, but are too much IP to upload manually in zeroshell firewall. How can I do?

    #54588

    Montikore
    Participant

    you can create firewall rules (given that your firewall is in drop mode) who accept everything which does match the protocol you use (not sure it’s possible in your case though) or rules who accept packets based on “Layer 7 filters”.
    I guess you want only VoIP to work? In this case, a few rules with layer 7 inspection are needed. I’m using it for QOS, but not sure it will fit all your needs : add accept rules for SIP, H323, Ventrilo, Teamspeak, Skypeout, skypetoskype.

    #54589

    pgbuz
    Participant

    My problem is not have only VOIP to work, my problem is that each day I have 3 new IP that attack my pbx to try to use it. So I cannot block voip service but I can just block by drop the IP that make the attack. I already inserted 100 IP and each day are 2-3 new! I have to go on manually for all my life? And how many rule max I can insert in zeroshell firewall? If I have my voip clients in 2 countries I thought that I can authorize on port 5060 only the ip of this 2 country, but are hundred of IP and cannot upload all manually. For this I’m looking for upload rule in some way from a list!!! a simple Linux server make this, zeroshell no? My voip clients have dynamic IP so I cannot solve just with their Ip authorization.

    #54590

    Montikore
    Participant

    zeroshell being a linux server, you can do what you’re used to using the command line

    #54591

    pgbuz
    Participant

    Multumesc for not help me Montikore

    #54592

    Montikore
    Participant

    😯 i tried to…

    @pgbuz wrote:

    a simple Linux server make this, zeroshell no?

    you’re not able to manage what you’re speaking about? so now, after reading you, i won’t help you… behave yourself.

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.