[Dshield] Help Request

Ted Cooper sansX0405 at elcsplace.com
Sun May 15 23:34:48 GMT 2005


Glenn Jarvis wrote:
> Hi all,
> ..
> <Files 403.shtml>
> order allow,deny
> allow from all
> </Files>
> 
> 
> deny from 218.0.0.0/255
> deny from 61.0.0.0/255
> ..
> Deny from 58.14.0.0/15
> Deny from 58.16.0.0/14
> 

>From my _very_ limited knowledge on this, you need a local order statement in
that context, and your opposite rules. Because you are doing limited deny's,
you should also be doing an allow somewhere.
PS 218.0.0.0/8 is from Australia as well!! I'm in 218.214.0.0/15 (hence why
I'm sending this through the list - I'm assuming you are blocking me at your
mail gateway if using the same list)

order deny,allow
deny from 61.0.0.0/255  <- error in format 61.0.0.0/24
..
deny from 58.16.0.0/14
allow from all

The 505 will be coming from the missing allow directive or the scope you are
using not having an order statement. I think. ;)
Oops, found another issue. If you are going to use 218.0.0.0/255 sort of
format, you need to use the full mask. ie 218.0.0.0/255.0.0.0 OR just move
over the to the CIDR format of 218.0.0.0/24. Again, I'm in that range :P
If you just want to block an address starting with 61.0.0.0/24 you can specify
"deny from 61". Hmm lots more stuff - can you tell I found the manual about
half way through?
http://httpd.apache.org/docs/mod/mod_access.html

Ted.





More information about the list mailing list