X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=mod-security-cn.git;a=blobdiff_plain;f=rbl_lookup.conf;h=c72016eff6c3b879c9e6f55db67d6cb2d96574c4;hp=ebca5a38f4f71e9faa95f506a34e94a54a204209;hb=HEAD;hpb=d88c1a9e47b7892de4eda2a2a3f2494681c70856 diff --git a/rbl_lookup.conf b/rbl_lookup.conf index ebca5a3..5fa2dde 100644 --- a/rbl_lookup.conf +++ b/rbl_lookup.conf @@ -1,16 +1,18 @@ -## Begin - Generated by CARNet package mod-security-cn +## Begin - Generated by CARNET package mod-security-cn # # REMOVE this whole block if you DON'T WANT mod-security-cn # to edit your configuration file. # -## End - Generated by CARNet package mod-security-cn +## End - Generated by CARNET package mod-security-cn - + - # Skip RBL lookup for localhost, 161.53.0.0/16, 193.198.0.0/16 and 82.132.0.0/17 - SecRule REMOTE_ADDR "^(127\.0\.0\.1|161\.53\.\d{1,3}\.\d{1,3}|193\.198\.\d{1,3}\.\d{1,3}|82\.132\.(\d{1,2}|10\d{1}|11\d{1}|12[0-7]{1})\.\d{1,3})$" "phase:2,pass,nolog,t:none,skip:1" + # Skip RBL lookup for localhost, 161.53.0.0/16, 193.198.0.0/16, + # 192.84.91.0/24, 192.84.92.0/24, 192.84.105.0/24, 192.84.106.0/24, + # 31.147.0.0/16, 82.132.0.0/17 and 2001:b68::/32. + SecRule REMOTE_ADDR "!@rx ^(\:\:1|127\.0\.0\.1|161\.53\.\d{1,3}\.\d{1,3}|193\.198\.\d{1,3}\.\d{1,3}|192\.84\.(91|92|105|106)\.\d{1,3}|31\.147\.\d{1,3}\.\d{1,3}|82\.132\.(\d{1,2}|10\d{1}|11\d{1}|12[0-7]{1})\.\d{1,3}|2001\:b68\:.+)$" "phase:1,deny,log,id:99999,status:500,t:none,msg:'RBL: xbl.dnsbl-sh.carnet.hr',severity:CRITICAL,chain" # RBL lookup using xbl.dnsbl-sh.carnet.hr - SecRule REMOTE_ADDR "@rbl xbl.dnsbl-sh.carnet.hr" "phase:2,deny,log,status:500,t:none,msg:'RBL: xbl.dnsbl-sh.carnet.hr',severity:'1'" + SecRule REMOTE_ADDR "@rbl xbl.dnsbl-sh.carnet.hr"