X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;f=rbl_lookup.conf;h=a6d3080dc7cac84b84e5979a9f9de656811ce09c;hb=ec48dc950b35445e2c742e644d62e4fc5425705a;hp=ebca5a38f4f71e9faa95f506a34e94a54a204209;hpb=d88c1a9e47b7892de4eda2a2a3f2494681c70856;p=mod-security-cn.git diff --git a/rbl_lookup.conf b/rbl_lookup.conf index ebca5a3..a6d3080 100644 --- a/rbl_lookup.conf +++ b/rbl_lookup.conf @@ -5,12 +5,14 @@ # ## End - Generated by CARNet package mod-security-cn - + - # Skip RBL lookup for localhost, 161.53.0.0/16, 193.198.0.0/16 and 82.132.0.0/17 - SecRule REMOTE_ADDR "^(127\.0\.0\.1|161\.53\.\d{1,3}\.\d{1,3}|193\.198\.\d{1,3}\.\d{1,3}|82\.132\.(\d{1,2}|10\d{1}|11\d{1}|12[0-7]{1})\.\d{1,3})$" "phase:2,pass,nolog,t:none,skip:1" + # Skip RBL lookup for localhost, 161.53.0.0/16, 193.198.0.0/16, + # 192.84.91.0/24, 192.84.92.0/24, 192.84.105.0/24, 192.84.106.0/24, + # 31.147.0.0/16, 82.132.0.0/17 and 2001:b68::/32. + SecRule REMOTE_ADDR "!@rx ^(\:\:1|127\.0\.0\.1|161\.53\.\d{1,3}\.\d{1,3}|193\.198\.\d{1,3}\.\d{1,3}|192\.84\.(91|92|105|106)\.\d{1,3}|31\.147\.\d{1,3}\.\d{1,3}|82\.132\.(\d{1,2}|10\d{1}|11\d{1}|12[0-7]{1})\.\d{1,3}|2001\:b68\:.+)$" "phase:1,deny,log,status:500,t:none,msg:'RBL: xbl.dnsbl-sh.carnet.hr',severity:CRITICAL,chain" # RBL lookup using xbl.dnsbl-sh.carnet.hr - SecRule REMOTE_ADDR "@rbl xbl.dnsbl-sh.carnet.hr" "phase:2,deny,log,status:500,t:none,msg:'RBL: xbl.dnsbl-sh.carnet.hr',severity:'1'" + SecRule REMOTE_ADDR "@rbl xbl.dnsbl-sh.carnet.hr"