BBS:      TELESC.NET.BR
Assunto:  x-news: DEEPNET, a browser hackign s
De:       Stephen Walsh
Data:     Sat, 21 Mar 2026 10:53:52 +1100
-----------------------------------------------------------

Hello Nick!

20 Mar 26 15:37, you wrote to T.J. Mcmillen:

 NA> I had to move my website back to OVH because its getting slammed with
 NA> bots, AI models and what I suspect is someone running a program to
 NA> mooch every stinkin file off the site. Doesn't matter if I rate-limit.
 NA> If there was some way to blacklist entire ASN's or by geo-IP it would
 NA> solve a lot... but not all.

This is how I block by ASN on linux (Just giving you the info, not going into Linux/WIN etc wars).

Note: The for i in.... is all one line, with upto the ending ;

ipset -N unifiedlayer hash:net

for i in $(whois -h whois.radb.net -- '-i origin AS15169' | grep "^route:" | cut -d ":" -f2 |
 sed -e 's/^[ \t]*//' | sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4 |
 cut -d ":" -f2 | sed 's/$//') ;

do ipset -exist -A unifiedlayer "$i"
done

for i in $(whois -h whois.radb.net -- '-i origin AS46606' | grep "^route:" | cut -d ":" -f2 |
 sed -e 's/^[ \t]*//' | sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4 |
 cut -d ":" -f2 | sed 's/$//') ;

do ipset -exist -A unifiedlayer "$i"
done


iptables -I INPUT -p tcp --destination-port 25 -m set --match-set unifiedlayer src -j DROP






Stephen


--- GoldED+/LNX 1.1.5-b20250409
 * Origin: Dragon's Lair ---:- dragon.vk3heg.net -:--- Prt: 6800 (3:633/280)

-----------------------------------------------------------
[Voltar]