While perusing my Apache httpd-error.log, I noticed a large number of attempts to access my phpmyadmin directory, as well as a few less know others. Most of these probes originated from China. Since I have no legitimate business dealing with that region, I decided to create a table in my IPFW firewall to block them. This is an example:
## IPFW Firewall Rules # Set rules command prefix cmd="ipfw -q add" # public interface name of NIC facing the public Internet pif="nfe0" # Lets start by listing known bad IP addresses and blocking them. We # will put them into a table for easier handling. ipfw -q table 1 add 60.0.0.0/8 ipfw -q table 1 add 61.0.0.0/8 $cmd set 1 deny log all from table\(1\) to any in via $pif The above is the first entry in my "rules" file. I know that IPFW is working since I have blocked other ports for other services and it has worked correctly. The problem is that these IPs are not being blocked. I continue to see them listed in the httpd-error.log. I have rebooted my machine and therefore am quite certain that these rules are being loaded. The problem is that I probably do not understand how to properly block an IP or range of IPs from accessing my web server correctly. I would really appreciate any assistance. -- Carmel ✌ carmel...@hotmail.com _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
