Virtual Architects Support Wiki

User Tools

Site Tools

You are here: start » networking » firewall » windows_troubleshooting
Trace:
networking:firewall:windows_troubleshooting

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
networking:firewall:windows_troubleshooting [2016/03/23 13:23]
jcooper created 		networking:firewall:windows_troubleshooting [2021/07/07 12:14] (current)
gcooper
Line 1: Line 1:
-====== Block Traffic From a Particular Host ======+====== Windows Firewall Troubleshooting ======
  
-See also **[[networking:router:mikrotik_manual_blacklist|Manually Add and Remove IP Addresses to a Mikrotik Blacklist]]**+===== Enable Logging of port dropping packets =====
  
-:!: You can use ''DROP'' or ''REJECT'' depending on what you want the blocked host to know.+**Control Panel -> Windows Firewall -> Advanced Settings**
  
-<file> +Right click on the <file> Windows Firewall with Advanced Security on Local computer </file> and select Properties
-iptables -I INPUT -s 66.184.141.132 -j DROP +
-</file>+
  
-Delete the rules:+{{:networking:firewall:win_fw-troubleshooting.png|}}
  
-<file> + 
-iptables -D INPUT -s 66.184.141.132 -j DROP +
-</file>+
  
-Show the rules:+  - On the Domain Profile Tab under Logging tab select Customize 
 +{{:networking:firewall:domainprofiletab.png|}}
  
-<file> 
-iptables -L INPUT 
-</file> 
  
-One-liner to block evil hosts grep'd from Apache error logs:+   * Change Log dropped packets to yes.  Note the location of the log in the Name field.  Click OK, OK.  
  
-<file> +{{:networking:firewall:logdroppedpackets.png|}}
-for ip in `grep Itau.com.br /var/log/httpd/error_log|egrep -o "client [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+"|sort |uniq|cut -f 2 -d " "`; do iptables -I INPUT -s $ip -j DROP; done +
-</file>+
  
-===== Block Hosts by User Agent String =====+  * Run the failing process then check the log for which port dropped packets.
  
-http://en.linuxreviews.org/HOWTO_stop_automated_spam-bots_using_.htaccess 
- 
-<file> 
-vim .htaccess 
-</file> 
- 
-<file> 
-# Block bots by User Agent string 
-SetEnvIfNoCase User-Agent "^Mozilla\/4.0 \(compatible\; MSIE 6.0\; Windows NT 5.1\; SV1\)" bad_bot 
-# Block empty User Agent string 
-SetEnvIfNoCase User-Agent ^$ bad_bot 
-SetEnvIfNoCase User-Agent "^AESOP_com_SpiderMan" bad_bot 
-SetEnvIfNoCase User-Agent "^Alexibot" bad_bot 
-SetEnvIfNoCase User-Agent "^Zyborg" bad_bot 
- 
-<Limit GET POST HEAD> 
-Order Allow,Deny 
-Allow from all 
-Deny from env=bad_bot 
-</Limit> 
-</file> 
- 
-<file> 
-service httpd restart 
-</file> 
networking/firewall/windows_troubleshooting.1458761025.txt.gz · Last modified: 2016/03/23 13:23 (external edit)

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki