I'm curious: Do any of you use a DNSBL with iptables somehow? phlux: no, how would that work anyway? staticsafe: I'm not sure, but there's got to be a way For now, I'm just going to resort to using this guy's list of IPs: http://www.wizcrafts.net/chinese-iptables-blocklist.html Hey everyone. Anyone use -or ever used- MaraDNS here? phlux: http://www.ipdeny.com/ipblocks/ why are you blocking china anyways? A lot of spam originates there Thanks for that list Use DNSBLs come again? putting it in iptables means that every packet has to traverse the whole chain inefficient I can't think of another way to utilize a DNSbL I admittedly haven't done much work with this other than setting up bopm, heh what IRCd are you using? Chary, but this isn't for the IRCd Chary can utilize DNSBLs ? where are you putting it? This is mainly for the httpd and e-mail server That's why I'm using iptables to do it e-mail servers can use DNSBLs What about apache? Apache can't iirc brb phlux: i do something similar with PF. Yeah, I've got a FreeBSD VPS with ARP that I've had for years, and I haven't bothered to learn pf yet :| i have a script that wget's a bunch of lists from iblocklist.com, then merges them into a couple diff files. then i load them as "tables" in pf. It's all cron job'd so it says current on all the lists. stays* nice! http://wmfb.co/txt/iblocklist.sh.txt http://list.iblocklist.com/?list=srzondksmjuwsvmgdbhi shady you'd need ur own subscription / pin number to pull the files down anyway from there. oo