|
||||||||||
On 7/27/07, Chris Buechler <cbuechler at gmail dot com> wrote: > On 7/27/07, Peter Teunissen <lists at onemanifest dot net> wrote: > > > > I'd like to block traffic from China, using a zone file from http:// > > www.ipdeny.com/ipblocks/. But in the GUI it's not possible to easily > > add such a long list of ip ranges. Is there another way to add such a > > list to m0n0wall, for example by editing the settingsfile and > > creating an alias for the whole list? > > > > You can't create aliases of multiple items. > > Your best bet on accomplishing this is likely to backup your config, > write a script to manually insert all the rules (which will be a TON > of them) into the config and then restore the changed config. This is a great question and a good solution. Peter, if you do write a script to generate the configuration text, perhaps it could be integrated into m0n0wall to iterate through a carriage return separated arrays of cidr blocks. Well, maybe that isn't such a good idea. Would the ip blocks be inserted into XML one by one, or would it be possible to put them all into one XML node? I assume it would be faster for the ip blocks to be in a single node, but that would be more complicated to support. - Albert Albert |