| Author |
Message |
persona_non_grata
Joined:
Posts: 0
|
 Posted:
Mon Jun 12, 2006 4:28 pm |
 
|
is there a reason why the writing to htaccess for blocked ranges isnt working?
i mentioned this before but it was never fixed ...
And another question....
if you search an ip it shows the results for tracked ip,or range....etc..
but in the table of the range it shows no function to block the range..
Why is that?
Any reason why we still have to put the range in manualy? |
|
|
|
|
manunkind
Client
Joined: Apr 26, 2004
Posts: 368
Location: Albuquerque, NM
|
| Posted:
Mon Jun 12, 2006 6:48 pm |
|
| persona_non_grata wrote: | is there a reason why the writing to htaccess for blocked ranges isnt working?
i mentioned this before but it was never fixed ...
|
Ack. I wanted to do this and didn't know that it wasn't working correctly. Thanks! I now know.  |
|
|
|
|
gregexp
The Mouse Is Extension Of Arm
Joined: Feb 21, 2006
Posts: 1472
Location: In front of a screen....HELP! lol
|
| Posted:
Mon Jun 12, 2006 6:49 pm |
|
does it write anything into the .htaccess? |
|
|
  
  |
|
gregexp
The Mouse Is Extension Of Arm
Joined: Feb 21, 2006
Posts: 1472
Location: In front of a screen....HELP! lol
|
| Posted:
Mon Jun 12, 2006 8:30 pm |
|
i am currently looking into this and it seems that it writes to the .htaccess the first three sets but it strips the period and star...it seems to be in includes/nukesentinel.php im goin to attempt to remove som coding and hopefully that will work....is this the same issue ur having? |
|
|
|
|
|
gregexp
The Mouse Is Extension Of Arm
Joined: Feb 21, 2006
Posts: 1472
Location: In front of a screen....HELP! lol
|
| Posted:
Mon Jun 12, 2006 8:53 pm |
|
after looking into this..i believe i have found the line(more the one intance) where it strips the .*
| Code: | $i = 1;
while ($i <= 3) {
$tip = substr($clearblock['ip_addr'], -2);
if ($tip == ".*") { $clearblock['ip_addr'] = substr($clearblock['ip_addr'], 0, -2); }
$i++;
}
|
not sure if this is anything that the nukesentinel team has done on purpose but it appears to be that so i will not alter that line myself till some1 from the team says its ok because i dont think this is an error...i think this was done on purpose..not sure why but i wont step on their coding till i know for sure. |
|
|
|
|
|
persona_non_grata
Joined:
Posts: 0
|
| Posted:
Tue Jun 13, 2006 3:59 am |
|
yeah sure it writes to the htaccess but only ip's that are banned...
that means...if i ban them or sentinel..
but ranges never worked... |
|
|
|
|
|
Guardian2003
Site Admin
Joined: Aug 28, 2003
Posts: 4868
|
| Posted:
Tue Jun 13, 2006 5:32 am |
|
Actually, I think you are right. I cannot remember blocked ranges getting written to htaccess.
I am adding this to Mantis as a bug report.
Edited: Added as a feature request as I'm fairly sure the function was never meant to write ranges to htaccess. |
|
|
|
|
|
montego
Site Admin
Joined: Aug 29, 2004
Posts: 7487
Location: Arizona
|
| Posted:
Tue Jun 13, 2006 5:42 am |
|
Thanks Guardian! It is so good to see Bob "active" again and making improvements to the product. He may be willing to look into this one. |
|
|
|
|
|
persona_non_grata
Joined:
Posts: 0
|
| Posted:
Tue Jun 13, 2006 5:47 am |
|
ah thanks guardian...but this is wellknown... 
sentinel can be optimized in many ways....but for now...nothing happens...
like now with the egallery attacks...
when i check the ip's used...
it gives the option to delete or edit the range the ip is in.... 
But can i ban it ?...NOPE
i have to do it by hand.....
and then its only banned in the database...lol
btw guardian...
the write problem was mentioned here to..
|
|
|
|
|
|
fkelly
Moderator
Joined: Aug 30, 2005
Posts: 2204
Location: near Albany NY
|
| Posted:
Tue Jun 13, 2006 7:11 am |
|
I believe that if you do an import of a country range to block the IPs in that range it is true that Sentinel doesn't write to htaccess. On the other hand if you block a range "manually" by putting in the starting and ending IP's then it does write to htaccess. The results are expressed as cidr's. Here is a couple of lines from my htaccess that I just wrote out this morning by banning a range manually:
deny from 200.128.0.0/11
deny from 200.160.0.0/9
I've googled cidrs and I think it is the /11 for instance is the number of 255 address groups that are banned starting from 200.128.0.0. But I'm not sure about that and I don't have any ambitions to become an expert on IP address arithmetic.
The blocked range menu is a little funky, in some cases it takes you to a screen that seems to be generated "outside" of the default theme and it gives you a list of a bunch of ranges with the option to "go back". It's not at all clear to me what you are supposed to do with this. The first time I tried to ban a range this morning it didn't "take" but possibly I had some error in stating the range I wanted to ban. The second time it did take.
I don't know if there might be performance reasons for not writing a huge range of addresses to htaccess. The file has to be read for every access anyone makes into your web site so "normal" users will be paying any penalty that's incurred by having a whole bunch of entries for banned ranges in there. On the other hand it could be cached somehow and not matter. That's beyond me too. |
|
|
|
|
|
persona_non_grata
Joined:
Posts: 0
|
| Posted:
Tue Jun 13, 2006 7:20 am |
|
well writing a range to the htacces is just one line..
if when you search an ip in sentinel it shows the ip in the range table.....
in there it should show a function to directly ban the range... |
|
|
|
|
|
montego
Site Admin
Joined: Aug 29, 2004
Posts: 7487
Location: Arizona
|
| Posted:
Wed Aug 02, 2006 7:18 am |
|
I have verified in NS 2.5.0 that it is in fact writing to .htaccess the CIDRs corresponding to the range that you enter into the Blocked Ranges. |
|
|
|
|
|
manunkind
Client
Joined: Apr 26, 2004
Posts: 368
Location: Albuquerque, NM
|
| Posted:
Wed Aug 02, 2006 9:53 pm |
|
| fkelly wrote: | Here is a couple of lines from my htaccess that I just wrote out this morning by banning a range manually:
deny from 200.128.0.0/11
deny from 200.160.0.0/9
I've googled cidrs and I think it is the /11 for instance is the number of 255 address groups that are banned starting from 200.128.0.0. |
With this:
deny from 200.128.0.0/11
..I believe you are actually banning a possible 2,097,152 hosts. (2^21 for the remaining host bits)
Did you ban whole countries?? |
Last edited by manunkind on Thu Aug 03, 2006 6:05 am; edited 1 time in total |
|
|
|
|
persona_non_grata
Joined:
Posts: 0
|
| Posted:
Thu Aug 03, 2006 5:56 am |
|
huh...who are you asking this? |
|
|
|
|
|
manunkind
Client
Joined: Apr 26, 2004
Posts: 368
Location: Albuquerque, NM
|
| Posted:
Thu Aug 03, 2006 6:07 am |
|
Sorry, persona_non_grata. I edited my post to show a quote. |
|
|
|
|
|
persona_non_grata
Joined:
Posts: 0
|
| Posted:
Thu Aug 03, 2006 6:12 am |
|
ah..i see,well to answer that...
it bans a whole range yes,not a full country...
your example is a range of brazil.
so banning brazil would need the following..
139.82.0.0/16
143.54.0.0/16
143.106.0.0/15
143.108.0.0/16
144.23.0.0/16
146.134.0.0/16
146.164.0.0/16
147.65.0.0/16
150.161.0.0/16
150.162.0.0/15
150.164.0.0/15
152.84.0.0/16
152.92.0.0/16
155.211.0.0/16
157.86.0.0/16
161.24.0.0/16
161.79.0.0/16
161.148.0.0/16
164.41.0.0/16
164.85.0.0/16
170.66.0.0/16
189.0.0.0/11
192.80.209.0/24
192.111.229.0/24
192.111.230.0/24
192.132.35.0/24
192.146.157.0/24
192.146.229.0/24
192.147.210.0/24
192.147.218.0/24
192.153.88.0/24
192.153.120.0/24
192.153.155.0/24
192.159.116.0/23
192.160.45.0/24
192.160.50.0/24
192.160.111.0/24
192.160.128.0/24
192.160.188.0/24
192.188.11.0/24
192.190.30.0/23
192.195.237.0/24
192.198.8.0/21
192.207.194.0/23
192.207.200.0/22
192.207.204.0/23
192.207.206.0/24
192.223.64.0/18
192.231.114.0/23
192.231.116.0/22
192.231.120.0/23
192.231.175.0/24
192.231.176.0/24
198.12.32.0/19
198.17.120.0/23
198.17.231.0/24
198.17.232.0/24
198.49.128.0/22
198.49.132.0/23
198.50.16.0/21
198.58.8.0/22
198.58.12.0/24
198.184.161.0/24
200.0.8.0/21
200.0.32.0/20
200.0.48.0/21
200.0.56.0/22
200.0.60.0/23
200.0.67.0/24
200.0.68.0/22
200.0.72.0/24
200.0.81.0/24
200.0.85.0/24
200.0.86.0/23
200.0.89.0/24
200.0.90.0/23
200.0.92.0/23
200.0.100.0/23
200.0.102.0/24
200.0.114.0/24
200.3.16.0/20
200.5.9.0/24
200.6.35.0/24
200.6.36.0/22
200.6.40.0/21
200.6.48.0/24
200.6.128.0/22
200.6.132.0/23
200.7.0.0/22
200.7.8.0/22
200.7.12.0/23
200.9.0.0/23
200.9.2.0/24
200.9.65.0/24
200.9.66.0/23
200.9.68.0/22
200.9.76.0/23
200.9.78.0/24
200.9.84.0/22
200.9.88.0/21
200.9.102.0/23
200.9.104.0/22
200.9.112.0/23
200.9.114.0/24
200.9.116.0/22
200.9.120.0/23
200.9.123.0/24
200.9.124.0/22
200.9.129.0/24
200.9.130.0/23
200.9.132.0/22
200.9.136.0/22
200.9.140.0/24
200.9.143.0/24
200.9.144.0/24
200.9.148.0/23
200.9.158.0/23
200.9.160.0/22
200.9.164.0/24
200.9.169.0/24
200.9.170.0/23
200.9.172.0/22
200.9.181.0/24
200.9.182.0/23
200.9.184.0/23
200.9.186.0/24
200.9.199.0/24
200.9.200.0/24
200.9.202.0/23
200.9.206.0/23
200.9.214.0/24
200.9.220.0/22
200.9.224.0/24
200.9.226.0/24
200.9.229.0/24
200.9.234.0/24
200.9.249.0/24
200.9.250.0/23
200.9.252.0/24
200.10.4.0/22
200.10.32.0/20
200.10.48.0/21
200.10.56.0/22
200.10.132.0/22
200.10.136.0/23
200.10.138.0/24
200.10.141.0/24
200.10.144.0/24
200.10.146.0/24
200.10.153.0/24
200.10.154.0/24
200.10.156.0/22
200.10.163.0/24
200.10.164.0/24
200.10.173.0/24
200.10.174.0/23
200.10.176.0/22
200.10.180.0/23
200.10.183.0/24
200.10.185.0/24
200.10.187.0/24
200.10.189.0/24
200.10.191.0/24
200.10.192.0/23
200.10.209.0/24
200.10.210.0/24
200.10.227.0/24
200.10.245.0/24
200.11.0.0/20
200.11.16.0/21
200.11.24.0/22
200.11.28.0/24
200.12.0.0/20
200.12.131.0/24
200.12.139.0/24
200.12.157.0/24
200.13.8.0/21
200.14.32.0/23
200.14.35.0/24
200.14.36.0/24
200.17.0.0/16
200.18.0.0/15
200.20.0.0/16
200.96.0.0/13
200.128.0.0/9
201.0.0.0/10
201.64.0.0/11
206.221.80.0/20
have fun..  |
|
|
|
|
|
|
|
|
|
![[Valid RSS]](http://ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::
