Does anyone know how to add bulk IP addresses to the block list of Sygate Personal Firewall 5.6?
I want to block all the IP addresses from certain countries and these lists are readily available but getting them into the firewall without adding them one at a time would be a blessing.
Even if you know the file name that Sygate uses to store that block information might give me a chance to edit it.
Incognito w neck brace
Firewalls can generally accept CIDR format. CIDR is shorthand to represent a range of IPs. The last question on the FAQ here http://software77.net/faq.html explains how it works.
This page - http://software77.net/cgi-bin/ip-country/geo-ip.pl - allows you to specify a two digit country code and find all IPs for that country (use the 2nd text box on the right).
NOTE: Generally you should not have more than about 100-200 rules in a firewall or it can cause other issues.
I got the entire IP blocks of China over here (thanks):Originally Posted by bdh
http://software77.net/cgi-bin/ip-country/geo-ip.pl
Now how to get that into the firewall?
That CIDR 101 FOR DUMMIES isn't dumb enough to tell me how to get that into the firewall.
Plus notice the example given in the screen shot:
10.0.0.1,192.168.0.1-192.168.0.76
is it a comma or a hyphen between web addresses?
And what about the abbreviated form in the CIDR 101 FOR DUMMIES?
I found this copy and paste compiler over here but don't know how to make it work either.
http://www.bluetack.co.uk/converter/index.php
Anyone?????????
For whatever reason Sygate does not accept CIDR formatting such as 117.8.0.0/13 or 117.8.0./13
It only accepts the format of:
1.1.1.0-1.1.1.255,2.2.2.0-2.2.2.255,3.3.3.0-3.3.3.255 so on and so forth if you wanted to block these addresses:
1.1.1.0
1.1.1.255
2.2.2.0
2.2.2.225
3.3.3.0
3.3.3.255
or whatever the IP's are in one string as one rule or each IP address can be a rule in itself.
Incognito w neck brace
The link I gave you does the conversion to CIDR. If you look up one IP at a time, it will show you the range like so xx.xx.xx.xx-yy.yy.yy.yy
I don' need the conversion to CIDR because Sygate 5.6 won't accept the CDIR "shorthand" version of IP ranges. Seems strange so many sites saying it does and even give instructions for it so maybe they are assuming and never actually used the program or CDIR may work on another version of Sygate. If that is the case they should state the version since all this CDIR stuff from beginning to end got me to waste about 6 hours yesterday evening.
I found plenty of IP Range to CDIR converters but none to convert CDIR to IP ranges.
I could be wrong but actual IP Ranges such as xx.xx.xx.xx-yy.yy.yy.yy aren't CDIR format.
As it turns out I need the IP ranges instead of the "shorthand" so I poked around and found this place that will give you a choice of a country's IP's in CDIR or as IP Ranges.
http://www.find-ip-address.org/ip-country/
If that other gives me the IP ranges as you said it's one at a time and there almost a 1,000 that need to be condensed to xx.xx.xx.xx-yy.yy.yy.yy so between all the copying and pasting and then recopying and repasting that could be forever.
Not that I have the list I can edit it a little and paste it in.
OK, loaded and done. I used my HTML editor to replace all those carriage returns with ", " while word wrap was disabled so I got one long string out of it.
Since I haven't found ready made block string to paste into Sygate 5.6 Advanced Rules here it is in the attachment if anyone wants to block all Chinese IP addresses.
Last edited by napsnsnacks; Oct 4th 2008 at 01:57 AM.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote
Bookmarks