Difference between revisions of "Block IP"
From Tech-Wiki
| Line 3: | Line 3: | ||
In order to block (or allow) connections based on static IP, or a data group, first, create a data group of type IP addr then use the code below (use 'not' if you want to allow instead) | In order to block (or allow) connections based on static IP, or a data group, first, create a data group of type IP addr then use the code below (use 'not' if you want to allow instead) | ||
| − | |||
if { [class match [IP::remote_addr] equals ip_blacklist] } { | if { [class match [IP::remote_addr] equals ip_blacklist] } { | ||
reject | reject | ||
| Line 10: | Line 9: | ||
Or | Or | ||
| + | when CLIENT_ACCEPTED { | ||
| + | if { not ( [class match [IP::client_addr] equals SMTP-Relay_Data-Group] ) } { | ||
| + | reject | ||
| + | } | ||
| + | } | ||
| + | |||
| + | Same using static IP hard coded: | ||
when CLIENT_ACCEPTED { | when CLIENT_ACCEPTED { | ||
if { [IP::addr [IP::client_addr] equals xx.xx.xx.xx/xx] } { | if { [IP::addr [IP::client_addr] equals xx.xx.xx.xx/xx] } { | ||
Revision as of 18:21, 28 March 2021
In order to block (or allow) connections based on static IP, or a data group, first, create a data group of type IP addr then use the code below (use 'not' if you want to allow instead)
if { [class match [IP::remote_addr] equals ip_blacklist] } {
reject
}
Or
when CLIENT_ACCEPTED {
if { not ( [class match [IP::client_addr] equals SMTP-Relay_Data-Group] ) } {
reject
}
}
Same using static IP hard coded:
when CLIENT_ACCEPTED {
if { [IP::addr [IP::client_addr] equals xx.xx.xx.xx/xx] } {
reject
}
}