How to null route China?

Portal Home > Knowledgebase > Articles Database > How to null route China?

Posted by Gigaron, 03-16-2008, 02:43 AM
I use geoip so that if ($country="CN") { die(); } This works on my site. But for some reason I still get the occasional IP's through. I looked at my Lighttpd server-status and I have 600 connections from 3 different IPs that come from China. I typically use ./route add -host 222.221.81.3 reject as the way to block them, but it changes from time to time. The Chinese are using 90mbps of bandwidth and I want it to stop as they must be directly hotlinking my content. How to null route large blocks from China? Please note I want to keep Hong Kong, Macau and Taiwan.
Posted by LoganNZ, 03-16-2008, 02:47 AM
mod_evasive will help with the hotlinking/high concurrent connections. You can find china IP range lists via google, you will always get the occasional one that slips through. Not to mention the ones that use a proxy.
Posted by Gigaron, 03-16-2008, 02:52 AM
Mod_evasive is for 1.5.0, and I use 1.4.18. So I can't do this method. How to add the IP range via the shell? I can only do it for 1 IP at a time. Thanks.
Posted by whitehorn, 03-16-2008, 03:29 AM
you can try csf also
Posted by Gigaron, 03-16-2008, 03:31 AM
what's that?
Posted by david510, 03-16-2008, 05:42 AM
It is a firewall program. You can see details at http://configserver.com/cp/csf.html
Posted by LoganNZ, 03-16-2008, 05:43 AM
Check out www.configserver.com They offer a free, easy to use and easy to install web GUI to control many aspects/configs; Firewall Management User process security (LFD) ConfigServer.com also offers some other packages which can aid a lot in managing the basic security points of your linux-cpanel box. Good luck Best Regards, Logan