Mail-in-a-Box Forum

Manually blocking ip's

ecourt April 8, 2023, 2:42am 1

got some russian ip’s trying to access mail…

so easy, right, just block the ip’s – well yes…
I manage firewalls on 4 other servers, and do this all the time, but the unrealistically complex setup of this firewall has me guessing.

ufw deny from xxx.xxx.xxx.xxx
iptables -A input -s xxx.xxx.xxx.xxx -j DROP
added drop rules to /etc/ufw/before.rules
added drop rules to /etc/ufw/after.rules
added drop rules to /etc/ufw/user.rules

none of these will work.
what chain can you put ip block rules ? – I suspect someone added the accept rules so high in the chain, it’s not possible.

KiekerJan April 9, 2023, 8:13am 2

Maybe this helps

andrew April 9, 2023, 9:36am 3

Have you tried “ufw insert 1 deny ...” to put the rule at the top of the list?

ecourt April 9, 2023, 7:35pm 4

I did not think about an insert… that helped… thanks

system Closed May 19, 2023, 7:36pm 5

This topic was automatically closed 40 days after the last reply. New replies are no longer allowed.