IP'S Not Blocked

Post Reply
Terrablade
Junior Member
Posts: 5
Joined: 17 Jul 2014, 21:50

IP'S Not Blocked

Post by Terrablade »

Folks im adding ips to be blocked using the quick deny option. but im still getting notifications. Example.

3 failed login attempts to account test (smtp) -- Large number of attempts from this IP: 39.32.6.241
Origin Country: Pakistan (PK)

when I go to add the ip, it tells me its already added in the deny option.

Whats the issue?
Sergio
Junior Member
Posts: 1714
Joined: 12 Dec 2006, 14:56

Re: IP'S Not Blocked

Post by Sergio »

Please, post the iptable lines where the IP 39.32.6.241 is mentioned.
Terrablade
Junior Member
Posts: 5
Joined: 17 Jul 2014, 21:50

Re: IP'S Not Blocked

Post by Terrablade »

96 12 1792 DROP all -- !lo * 116.10.191.229 0.0.0.0/0
97 24 1152 DROP all -- !lo * 39.32.6.241 0.0.0.0/0
98 3 144 DROP all -- !lo * 39.32.128.196 0.0.0.0/0
99 0 0 DROP all -- !lo * 84.83.27.130 0.0.0.0/0
100 8 368 DROP all -- !lo * 116.10.191.194 0.0.0.0/0
101 268 17552 DROP all -- !lo * 61.153.105.76 0.0.0.0/0
102 0 0 DROP all -- !lo * 39.32.195.187 0.0.0.0/0
Sergio
Junior Member
Posts: 1714
Joined: 12 Dec 2006, 14:56

Re: IP'S Not Blocked

Post by Sergio »

What iptable was that? I suppose DENYIN, but, Do those IPs appear in another iptable, like in DENYOUT or only in DENYIN?
Terrablade
Junior Member
Posts: 5
Joined: 17 Jul 2014, 21:50

Re: IP'S Not Blocked

Post by Terrablade »

Chain DENYIN (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 DROP all -- !lo * 122.226.95.166 0.0.0.0/0
2 0 0 DROP all -- !lo * 90.147.66.29 0.0.0.0/0
3 1 40 DROP all -- !lo * 122.225.103.0/24 0.0.0.0/0
4 0 0 DROP all -- !lo * 177.225.102.0/24 0.0.0.0/0
5 0 0 DROP all -- !lo * 94.244.131.0/24 0.0.0.0/0
6 0 0 DROP all -- !lo * 218.59.0.0/16 0.0.0.0/0
7 0 0 DROP all -- !lo * 190.221.0.0/16 0.0.0.0/0
8 0 0 DROP all -- !lo * 182.16.0.0/16 0.0.0.0/0
9 0 0 DROP all -- !lo * 66.175.138.116 0.0.0.0/0
10 0 0 DROP all -- !lo * 187.1.0.0/16 0.0.0.0/0
11 0 0 DROP all -- !lo * 31.199.0.0/16 0.0.0.0/0
12 0 0 DROP all -- !lo * 211.190.0.0/16 0.0.0.0/0
13 0 0 DROP all -- !lo * 85.70.0.0/16 0.0.0.0/0
14 0 0 DROP all -- !lo * 75.67.120.254 0.0.0.0/0
15 7 280 DROP all -- !lo * 222.136.0.0/16 0.0.0.0/0
16 38 1520 DROP all -- !lo * 61.174.0.0/16 0.0.0.0/0
17 0 0 DROP all -- !lo * 61.174.50.184 0.0.0.0/0
18 0 0 DROP all -- !lo * 219.235.5.149 0.0.0.0/0
19 0 0 DROP all -- !lo * 61.174.50.216 0.0.0.0/0
20 0 0 DROP all -- !lo * 173.208.137.250 0.0.0.0/0
21 0 0 DROP all -- !lo * 113.171.10.37 0.0.0.0/0
22 0 0 DROP all -- !lo * 144.0.0.42 0.0.0.0/0
23 0 0 DROP all -- !lo * 180.250.36.73 0.0.0.0/0
24 0 0 DROP all -- !lo * 62.173.154.88 0.0.0.0/0
25 0 0 DROP all -- !lo * 200.88.249.136 0.0.0.0/0
26 0 0 DROP all -- !lo * 151.8.99.194 0.0.0.0/0
27 0 0 DROP all -- !lo * 14.23.148.42 0.0.0.0/0
28 0 0 DROP all -- !lo * 95.228.84.117 0.0.0.0/0
29 0 0 DROP all -- !lo * 96.243.137.36 0.0.0.0/0
30 0 0 DROP all -- !lo * 190.116.62.70 0.0.0.0/0
31 0 0 DROP all -- !lo * 212.174.252.130 0.0.0.0/0
32 0 0 DROP all -- !lo * 14.169.97.136 0.0.0.0/0
33 0 0 DROP all -- !lo * 95.19.179.17 0.0.0.0/0
34 0 0 DROP all -- !lo * 101.78.154.74 0.0.0.0/0
35 0 0 DROP all -- !lo * 64.196.161.62 0.0.0.0/0
36 0 0 DROP all -- !lo * 58.185.184.213 0.0.0.0/0
37 0 0 DROP all -- !lo * 196.41.205.29 0.0.0.0/0
38 0 0 DROP all -- !lo * 87.25.58.51 0.0.0.0/0
39 0 0 DROP all -- !lo * 62.251.210.2 0.0.0.0/0
40 0 0 DROP all -- !lo * 212.174.254.28 0.0.0.0/0
41 0 0 DROP all -- !lo * 216.135.63.114 0.0.0.0/0
42 0 0 DROP all -- !lo * 92.87.210.196 0.0.0.0/0
43 0 0 DROP all -- !lo * 211.59.8.186 0.0.0.0/0
44 0 0 DROP all -- !lo * 180.250.80.237 0.0.0.0/0
45 0 0 DROP all -- !lo * 196.25.232.202 0.0.0.0/0
46 0 0 DROP all -- !lo * 93.67.59.132 0.0.0.0/0
47 0 0 DROP all -- !lo * 118.97.191.156 0.0.0.0/0
48 0 0 DROP all -- !lo * 93.107.104.11 0.0.0.0/0
49 0 0 DROP all -- !lo * 202.191.206.242 0.0.0.0/0
50 0 0 DROP all -- !lo * 12.236.34.135 0.0.0.0/0
51 0 0 DROP all -- !lo * 196.28.31.245 0.0.0.0/0
52 0 0 DROP all -- !lo * 217.91.121.82 0.0.0.0/0
53 0 0 DROP all -- !lo * 187.11.135.43 0.0.0.0/0
54 0 0 DROP all -- !lo * 202.77.111.242 0.0.0.0/0
55 0 0 DROP all -- !lo * 203.45.163.105 0.0.0.0/0
56 0 0 DROP all -- !lo * 89.216.21.136 0.0.0.0/0
57 0 0 DROP all -- !lo * 210.177.87.105 0.0.0.0/0
58 0 0 DROP all -- !lo * 213.197.190.168 0.0.0.0/0
59 0 0 DROP all -- !lo * 72.2.20.148 0.0.0.0/0
60 0 0 DROP all -- !lo * 105.237.96.94 0.0.0.0/0
61 0 0 DROP all -- !lo * 77.231.181.146 0.0.0.0/0
62 0 0 DROP all -- !lo * 105.237.4.72 0.0.0.0/0
63 0 0 DROP all -- !lo * 50.194.34.29 0.0.0.0/0
64 0 0 DROP all -- !lo * 85.152.57.61 0.0.0.0/0
65 0 0 DROP all -- !lo * 222.124.166.253 0.0.0.0/0
66 0 0 DROP all -- !lo * 46.10.210.15 0.0.0.0/0
67 0 0 DROP all -- !lo * 197.96.50.242 0.0.0.0/0
68 0 0 DROP all -- !lo * 79.136.209.206 0.0.0.0/0
69 0 0 DROP all -- !lo * 14.169.103.254 0.0.0.0/0
70 0 0 DROP all -- !lo * 80.224.50.223 0.0.0.0/0
71 0 0 DROP all -- !lo * 208.117.100.14 0.0.0.0/0
72 0 0 DROP all -- !lo * 144.0.0.52 0.0.0.0/0
73 74 2960 DROP all -- !lo * 116.10.191.202 0.0.0.0/0
74 0 0 DROP all -- !lo * 112.168.203.45 0.0.0.0/0
75 0 0 DROP all -- !lo * 61.147.103.71 0.0.0.0/0
76 0 0 DROP all -- !lo * 1.93.29.147 0.0.0.0/0
77 0 0 DROP all -- !lo * 1.93.34.234 0.0.0.0/0
78 2 80 DROP all -- !lo * 116.10.191.236 0.0.0.0/0
79 19 3284 DROP all -- !lo * 116.10.191.207 0.0.0.0/0
80 15 4516 DROP all -- !lo * 116.10.191.175 0.0.0.0/0
81 11 928 DROP all -- !lo * 116.10.191.204 0.0.0.0/0
82 19 888 DROP all -- !lo * 116.10.191.205 0.0.0.0/0
83 9 468 DROP all -- !lo * 199.168.143.178 0.0.0.0/0
84 214 14056 DROP all -- !lo * 144.0.0.35 0.0.0.0/0
85 2 80 DROP all -- !lo * 222.186.24.237 0.0.0.0/0
86 21 2424 DROP all -- !lo * 116.10.191.163 0.0.0.0/0
87 10 472 DROP all -- !lo * 116.10.191.165 0.0.0.0/0
88 8 368 DROP all -- !lo * 116.10.191.212 0.0.0.0/0
89 17 3124 DROP all -- !lo * 116.10.191.230 0.0.0.0/0
90 640 30744 DROP all -- !lo * 109.65.15.236 0.0.0.0/0
91 7 3864 DROP all -- !lo * 60.173.9.26 0.0.0.0/0
92 1 40 DROP all -- !lo * 60.173.12.98 0.0.0.0/0
93 9 468 DROP all -- !lo * 58.83.146.252 0.0.0.0/0
94 9 1620 DROP all -- !lo * 125.210.216.30 0.0.0.0/0
95 10 1188 DROP all -- !lo * 113.171.10.1 0.0.0.0/0
96 12 1792 DROP all -- !lo * 116.10.191.229 0.0.0.0/0
97 24 1152 DROP all -- !lo * 39.32.6.241 0.0.0.0/0
98 3 144 DROP all -- !lo * 39.32.128.196 0.0.0.0/0
99 0 0 DROP all -- !lo * 84.83.27.130 0.0.0.0/0
100 8 368 DROP all -- !lo * 116.10.191.194 0.0.0.0/0
101 268 17552 DROP all -- !lo * 61.153.105.76 0.0.0.0/0
102 0 0 DROP all -- !lo * 39.32.195.187 0.0.0.0/0
103 18 1720 DROP all -- !lo * 116.10.191.213 0.0.0.0/0
104 9 468 DROP all -- !lo * 174.143.128.61 0.0.0.0/0
105 8 416 DROP all -- !lo * 122.155.210.19 0.0.0.0/0
106 28 3072 DROP all -- !lo * 116.10.191.164 0.0.0.0/0
107 3 180 DROP all -- !lo * 187.174.116.250 0.0.0.0/0
108 85 5512 DROP all -- !lo * 193.107.17.72 0.0.0.0/0
109 10 460 DROP all -- !lo * 195.222.58.189 0.0.0.0/0
110 0 0 DROP all -- !lo * 89.165.37.19 0.0.0.0/0
111 8 358 DROP all -- !lo * 177.103.223.239 0.0.0.0/0
112 9 940 DROP all -- !lo * 116.10.191.211 0.0.0.0/0
113 16 1524 DROP all -- !lo * 116.10.191.223 0.0.0.0/0

Chain DENYOUT (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 122.226.95.166
2 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 90.147.66.29
3 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 122.225.103.0/24
4 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 177.225.102.0/24
5 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 94.244.131.0/24
6 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 218.59.0.0/16
7 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 190.221.0.0/16
8 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 182.16.0.0/16
9 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 66.175.138.116
10 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 187.1.0.0/16
11 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 31.199.0.0/16
12 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 211.190.0.0/16
13 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 85.70.0.0/16
14 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 75.67.120.254
15 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 222.136.0.0/16
16 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 61.174.0.0/16
17 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 61.174.50.184
18 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 219.235.5.149
19 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 61.174.50.216
20 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 173.208.137.250
21 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 113.171.10.37
22 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 144.0.0.42
23 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 180.250.36.73
24 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 62.173.154.88
25 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 200.88.249.136
26 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 151.8.99.194
27 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 14.23.148.42
28 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 95.228.84.117
29 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 96.243.137.36
30 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 190.116.62.70
31 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 212.174.252.130
32 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 14.169.97.136
33 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 95.19.179.17
34 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 101.78.154.74
35 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 64.196.161.62
36 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 58.185.184.213
37 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 196.41.205.29
38 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 87.25.58.51
39 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 62.251.210.2
40 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 212.174.254.28
41 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 216.135.63.114
42 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 92.87.210.196
43 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 211.59.8.186
44 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 180.250.80.237
45 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 196.25.232.202
46 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 93.67.59.132
47 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 118.97.191.156
48 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 93.107.104.11
49 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 202.191.206.242
50 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 12.236.34.135
51 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 196.28.31.245
52 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 217.91.121.82
53 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 187.11.135.43
54 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 202.77.111.242
55 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 203.45.163.105
56 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 89.216.21.136
57 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 210.177.87.105
58 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 213.197.190.168
59 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 72.2.20.148
60 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 105.237.96.94
61 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 77.231.181.146
62 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 105.237.4.72
63 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 50.194.34.29
64 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 85.152.57.61
65 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 222.124.166.253
66 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 46.10.210.15
67 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 197.96.50.242
68 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 79.136.209.206
69 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 14.169.103.254
70 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 80.224.50.223
71 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 208.117.100.14
72 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 144.0.0.52
73 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 116.10.191.202
74 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 112.168.203.45
75 2562 318K LOGDROPOUT all -- * !lo 0.0.0.0/0 61.147.103.71
76 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 1.93.29.147
77 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 1.93.34.234
78 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 116.10.191.236
79 25 2428 LOGDROPOUT all -- * !lo 0.0.0.0/0 116.10.191.207
80 8 320 LOGDROPOUT all -- * !lo 0.0.0.0/0 116.10.191.175
81 2298 285K LOGDROPOUT all -- * !lo 0.0.0.0/0 116.10.191.204
82 34 4216 LOGDROPOUT all -- * !lo 0.0.0.0/0 116.10.191.205
83 17 2312 LOGDROPOUT all -- * !lo 0.0.0.0/0 199.168.143.178
84 6155 835K LOGDROPOUT all -- * !lo 0.0.0.0/0 144.0.0.35
85 10 1240 LOGDROPOUT all -- * !lo 0.0.0.0/0 222.186.24.237
86 1913 237K LOGDROPOUT all -- * !lo 0.0.0.0/0 116.10.191.163
87 17 2108 LOGDROPOUT all -- * !lo 0.0.0.0/0 116.10.191.165
88 34 4216 LOGDROPOUT all -- * !lo 0.0.0.0/0 116.10.191.212
89 24 7476 LOGDROPOUT all -- * !lo 0.0.0.0/0 116.10.191.230
90 10 1992 LOGDROPOUT all -- * !lo 0.0.0.0/0 109.65.15.236
91 8 6200 LOGDROPOUT all -- * !lo 0.0.0.0/0 60.173.9.26
92 17 2108 LOGDROPOUT all -- * !lo 0.0.0.0/0 60.173.12.98
93 17 2312 LOGDROPOUT all -- * !lo 0.0.0.0/0 58.83.146.252
94 8 416 LOGDROPOUT all -- * !lo 0.0.0.0/0 125.210.216.30
95 8 780 LOGDROPOUT all -- * !lo 0.0.0.0/0 113.171.10.1
96 23 2348 LOGDROPOUT all -- * !lo 0.0.0.0/0 116.10.191.229
97 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 39.32.6.241
98 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 39.32.128.196
99 18 1418 LOGDROPOUT all -- * !lo 0.0.0.0/0 84.83.27.130
100 27 3348 LOGDROPOUT all -- * !lo 0.0.0.0/0 116.10.191.194
101 1052 148K LOGDROPOUT all -- * !lo 0.0.0.0/0 61.153.105.76
102 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 39.32.195.187
103 819 102K LOGDROPOUT all -- * !lo 0.0.0.0/0 116.10.191.213
104 17 2312 LOGDROPOUT all -- * !lo 0.0.0.0/0 174.143.128.61
105 17 2312 LOGDROPOUT all -- * !lo 0.0.0.0/0 122.155.210.19
106 20 800 LOGDROPOUT all -- * !lo 0.0.0.0/0 116.10.191.164
107 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 187.174.116.250
108 95 12080 LOGDROPOUT all -- * !lo 0.0.0.0/0 193.107.17.72
109 67 5831 LOGDROPOUT all -- * !lo 0.0.0.0/0 195.222.58.189
110 32 2925 LOGDROPOUT all -- * !lo 0.0.0.0/0 89.165.37.19
111 51 4430 LOGDROPOUT all -- * !lo 0.0.0.0/0 177.103.223.239
112 28 1792 LOGDROPOUT all -- * !lo 0.0.0.0/0 116.10.191.211
113 10 400 LOGDROPOUT all -- * !lo 0.0.0.0/0 116.10.191.223
Sergio
Junior Member
Posts: 1714
Joined: 12 Dec 2006, 14:56

Re: IP'S Not Blocked

Post by Sergio »

it appears that your firewall is working and blocking the incoming IP that you mention in your post:
DENYIN
97 24 1152 DROP all -- !lo * 39.32.6.241 0.0.0.0/0

DENYOUT
97 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 39.32.6.241

Are you still receiving messages about this IP?
Terrablade
Junior Member
Posts: 5
Joined: 17 Jul 2014, 21:50

Re: IP'S Not Blocked

Post by Terrablade »

yes I keep receiving mail of attemps using Ips ive already blocked :/
Sergio
Junior Member
Posts: 1714
Joined: 12 Dec 2006, 14:56

Re: IP'S Not Blocked

Post by Sergio »

Please post the complete last message that you received regarding only to IP 39.32.6.241.
Terrablade
Junior Member
Posts: 5
Joined: 17 Jul 2014, 21:50

Re: IP'S Not Blocked

Post by Terrablade »

Last message was the one posted in the 1st post. the only thing missing is the quick links to add them...
Post Reply