Discuss mailing list

[Hospedaje Web y Servidores Dedicados <ventas AT dedicados.com.mx>]

thanks Jeff, well on singapore seems to be working, let me test the others:

root@singapore:~# iptables -F
root@singapore:~# iptables -X BADDNS
iptables: No chain/target/match by that name.
root@singapore:~# iptables -N BADDNS
root@singapore:~# iptables --insert INPUT -p udp --dport 53 -m string 
--from 40--to 58 --algo bm --hex-string '|07676572646172330272|' -j DROP 
-m comment --com ment "DROP DNS Q gerdar3.ru"
root@singapore:~# wget 
"https://raw.github.com/smurfmonitor/dns-iptables-rules/master/domain-blacklist.txt"; 
-O /root/domain-blacklist.txt.tmp
--2014-02-25 14:04:01-- 
https://raw.github.com/smurfmonitor/dns-iptables-rules/master/domain-blacklist.txt
Resolving raw.github.com (raw.github.com)... 103.245.222.133
Connecting to raw.github.com (raw.github.com)|103.245.222.133|:443... 
connected.
HTTP request sent, awaiting response... 200 OK
Length: 22232 (22K) [text/plain]
Saving to: `/root/domain-blacklist.txt.tmp'

100%[==============================================================================================================================>] 
22,232      --.-K/s   in 0.001s

2014-02-25 14:04:02 (35.1 MB/s) - `/root/domain-blacklist.txt.tmp' saved 
[22232/22232]

root@singapore:~# grep iptables /root/domain-blacklist.txt.tmp 
>/root/domain-blacklist.txt
root@singapore:~# sh /root/domain-blacklist.txt
root@singapore:~# iptables -A INPUT -p udp --dport 53 -m string 
--hex-string "|00 00 ff 00 01|" --to 255 --algo bm -m comment --comment 
"IN ANY?" -j BADDNS
root@singapore:~# iptables -A BADDNS -m recent --set --name DNSQF --rsource
root@singapore:~# iptables -A BADDNS -m recent -p udp --dport 53 
--update --seconds 20 --hitcount 20 --name DNSQF --rsource -j DROP
root@singapore:~# iptables -vnx --list BADDNS
Chain BADDNS (1 references)
    pkts      bytes target     prot opt in     out source               
destination
       0        0            all  --  *      * 0.0.0.0/0            
0.0.0.0/0            recent: SET name: DNSQF side: source
       0        0 DROP       udp  --  *      * 0.0.0.0/0            
0.0.0.0/0            recent: UPDATE seconds: 20 hit_count: 20 name: 
DNSQF side: source udp dpt:53
root@singapore:~#


Ing. Alejandro M.
Hospedaje Web y Servidores Dedicados
http://www.dedicados.com.mx
------
correo / msn: ventas AT dedicados.com.mx
skype: dedicados
------
El 24/02/2014 11:27 p.m., Jeff Taylor escribió:
> Did you stop there or did you finish running ALL of the commands? The 
> error you pasted says the chain "BADDNS" doesn't exist... which is 
> true if you've never added those rules before.  If you don't run all 
> of the lines, you can't say it doesn't work.
>
> The same is true of the rules that are given on the wiki page. There 
> are specific instructions for some of the blocks.  You must add all of 
> the lines, in the exact order given, or they won't do anything for you.
>
>
> On 02/24/2014 10:09 PM, Hospedaje Web y Servidores Dedicados wrote:
> > i tryied and get same error always, in different server.
> >
> > root@singapore:~# iptables -F
> > root@singapore:~# iptables -X BADDNS
> > iptables: No chain/target/match by that name.
> > root@singapore:~#
> >
> > also on france. nl. chicago.
> >
> > i dont know...
> >
> > Ing. Alejandro M.
> > Hospedaje Web y Servidores Dedicados
> > http://www.dedicados.com.mx
> > ------
> > correo / msn: ventas AT dedicados.com.mx
> > skype: dedicados
> > ------
> >
> > El 24/02/2014 12:54 p. m., oVPN.to Support escribió:
> > > try these iptables: http://paste.debian.net/plainh/d947528b
> > >
> > > and give more information about attacks. only ANY requests?
> > > then put these iptables on it and you are fine, if not, give more
> > > information, which domains used, which type of requests/attacks...
> > >
> > > regards
> > > ovpn.to
> > >
> > >
> > >
> > > Quinn Wood:
> > > > On Mon, Feb 24, 2014 at 12:30 PM, Jeff Taylor 
> > > > <shdwdrgn AT sourpuss.net> wrote:
> > > > > [snip] However unless you have an arrangement
> > > > > with your hosting provider, in most cases there is nothing you can 
> > > > > do about
> > > > > the incoming traffic.
> > > > We need an upstream null route control panel :)
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > --------
> > > > You are a member of the OpenNIC Discuss list.
> > > > You may unsubscribe by emailing 
> > > > discuss-unsubscribe AT lists.opennicproject.org
> > > >
> > > >
> > > >
> > > >
> > > > --------
> > > > You are a member of the OpenNIC Discuss list.
> > > > You may unsubscribe by emailing 
> > > > discuss-unsubscribe AT lists.opennicproject.org
> >
> >
> >
> > --------
> > You are a member of the OpenNIC Discuss list.
> > You may unsubscribe by emailingdiscuss-unsubscribe AT lists.opennicproject.org
>
>
>
>
> --------
> You are a member of the OpenNIC Discuss list.
> You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org