Pix 515: How do I block a range of IP address using the conduit command?
Am getting much UBE from three IP ranges 222.156.whatever. whatever, 219.91.whatever.whatever and 61.31.whatever.whatever. I can' use the shun command because the specific IP address keeps changing. I am trying to use the conduit command to block the ranges but am having no luck. I am an idiot when it comes to this Pix and am now thoroughly frustrated. I shut my mail server down because I refuse to be forward this stuff. The server is a small web/email server which (normally) does not get much traffic.
This is what I currently have for conduit commands, 22.214.171.124 is my ip.:
conduit permit icmp any any
conduit permit tcp host 126.96.36.199 eq www any
conduit permit tcp host 188.8.131.52 eq ftp any
conduit permit tcp host 184.108.40.206 eq pop3 any
conduit deny ip host 220.127.116.11 18.104.22.168 255.255.255.0
conduit deny ip host 22.214.171.124 126.96.36.199 255.255.255.0
conduit deny ip host 188.8.131.52 184.108.40.206 255.255.255.0
conduit permit tcp host 220.127.116.11 eq smtp any
Thanks a lot...