Centova Technologies Forum
Centova Cast v3 => General discussion => Topic started by: 440music on February 14, 2022, 04:29:05 pm
-
35.197.206.31
35.246.26.164
34.142.112.58
I've been getting unwanted relays that are not being blocked by the relay system in CentovaCast and causing an issue with bandwidth so this is what I did to stop the attacks.
Ubuntu uses UFW firewall, CentOS uses IPTable and the commands are almost identical
The firewall rule I wrote:
ufw deny from 35.197.206.0/24
That blocks all traffic from any computer in the 35.197.206.X or 255 IPs in total
This is a hot topic in the icecast forum
-
UPDate 4/8/2022
34.142.78.118
118.78.142.34.bc.googleusercontent.com
I've create an ipTable rule to block that IP/16 which blocks 34.142.0.0(64516 IPs) but they continue to rebroadcast/rip as a listener.
I'm using Ubuntu 18.04 LAMP server with 3 static IPs
Rules: UFW and iptable
I need help finding a solution not because of bandwith issues I don't want them rebroadcasting my members music. I only broadcast Indie Music and 75% of the music I broadcast 440Music is the only one that has those recordings. 8)
-
Same here and very aggressive agent. I have programmed a solution for this, which updates all AXIO based IP-Addresses every night from all our systems and locks them out. At least 99% of all AXIO user agents are gone daily. If a AXIOS IP-Address change on the current day, this one will be listed in this file on next day and so on.
Feel free to use it: https://safeguard.streampanel.net/blocklists/webradio/axios/output/axios.txt
-
Doing what I did started to block legitimate listeners, for now I'll live with it I'm only a 1 person team which is very limiting at times especially when 2 minds can solve an issue faster and often much better.
I'll continue to run fail2ban to block ssh and ftp and study more on ipTables
I checked the list of IPs I had for the axios stream and everyone was in the list I had built. 8)
-
I found the answer I needed to block un-autherized relaying through a media player.
The instructions I found that is blocking an IP range of 65k IPs
https://www.andoson.net/resources/linux/blocking-ip-addresses-on-centos-8-using-firewalld
firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='34.128.0.0/10' reject"
the IP range is determined /10 which is a block for 65536 IPs
Please be careful when using firewalld to block IP addresses as you will potentially block legitimate listeners. I will refine the IP range I'm blocking and what I did is a quick solution which needs refining.
Research firewalld and fail2ban before you make any changes and be sure to add yourself to the white list. 8)
-
Hi! if you use Icecast, you can easily block by user agent too :)