[ previous ] [ next ] [ threads ]
 
 From:  Andy Wodfer <wodfer at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] XML import tool or trick?
 Date:  Fri, 27 May 2011 21:53:17 +0200 
Btw: How many block rules can/should m0n0wall have as a maximum?

/Andy

On Wed, May 25, 2011 at 7:54 PM, Roger Andersson <roon at telia dot com> wrote:

>  From DOS command prompt and sorry for any unwanted <CR><LF>
>
> C:\> type input.txt
>
> 200.200.202.2
> 55.33.100.224
> 81.55.44.75
>
> Next command is all on one line
> C:\> for /f %i in (input.txt) do echo
> "<rule><type>block</type><interface>wan</interface><protocol>tcp</protocol><source><address>%i<
> /address></source><destination><any/></destination><descr>blocked</descr></rule>"
> >> xmlfile.xml
>
> C:\> type xmlfile.xml
>
>
"<rule><type>block</type><interface>wan</interface><protocol>tcp</protocol><source><address>200.200.202.2</address></source><destina
>
> tion><any/></destination><descr>blocked</descr></rule>"
>
>
"<rule><type>block</type><interface>wan</interface><protocol>tcp</protocol><source><address>55.33.100.224</address></source><destina
>
> tion><any/></destination><descr>blocked</descr></rule>"
>
>
"<rule><type>block</type><interface>wan</interface><protocol>tcp</protocol><source><address>81.55.44.75</address></source><destinati
>
> on><any/></destination><descr>blocked</descr></rule>"
>
> It might be possible to create the xml-file without "
> but it should be fairly quick to replace all " with
> using e.g. notepad ;-)
>
> /Roger
>
>> On Wed, May 25, 2011 at 5:16 AM, Andy Wodfer<wodfer at gmail dot com>  wrote:
>>
>>> I need some help again here ... My webserver that's on my LAN interface
>>> (10.0.0.10) is being DDOS'ed (TCP port 80). I need to block the
>>> attackers.
>>>
>>> I have a txt file containing about 1300 IP addresses (one on each line).
>>>
>>> I need to create block rules in my firewall (m0n0wall) for all these IP
>>> addresses. The syntax is:
>>>
>>> <rule>
>>> <type>block</type>
>>> <interface>wan</interface>
>>> <protocol>tcp</protocol>
>>> <source>
>>> <address>IP ADDRESS</address>
>>> </source>
>>> <destination>
>>> <any/>
>>> </destination>
>>> <descr>blocked</descr>
>>> </rule>
>>>
>>> The IP list .txt file looks like this (just random typed numbers):
>>>
>>> 200.200.202.2
>>> 55.33.100.224
>>> 81.55.44.75
>>> and so on ...
>>>
>>> Is there a way I can generate the XML data rule tags and insert one IP
>>> from
>>> each line into the<address>  tag and put everything in a new file with
>>> the
>>> rules underneath eachother like this so I can add it to my config backup
>>> xml
>>> file?
>>>
>>> <rule>
>>> <type>block</type>
>>> <interface>wan</interface>
>>> <protocol>tcp</protocol>
>>> <source>
>>> <address>IP ADDRESS</address>
>>> </source>
>>> <destination>
>>> <any/>
>>> </destination>
>>> <descr>blocked</descr>
>>> </rule>
>>> <rule>
>>> <type>block</type>
>>> <interface>wan</interface>
>>> <protocol>tcp</protocol>
>>> <source>
>>> <address>IP ADDRESS</address>
>>> </source>
>>> <destination>
>>> <any/>
>>> </destination>
>>> <descr>blocked</descr>
>>> </rule>
>>> <rule>
>>> <type>block</type>
>>> <interface>wan</interface>
>>> <protocol>tcp</protocol>
>>> <source>
>>> <address>IP ADDRESS</address>
>>> </source>
>>> <destination>
>>> <any/>
>>> </destination>
>>> <descr>blocked</descr>
>>> </rule>
>>>
>>> Thanks for all help!
>>>
>>> Cheers,
>>> Andy
>>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>