From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-user+bounces-194835-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id E2C1A1382C5
	for <garchives@archives.gentoo.org>; Tue, 12 Jan 2021 18:52:04 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 1AA80E0AC9;
	Tue, 12 Jan 2021 18:51:59 +0000 (UTC)
Received: from smtp.hosts.co.uk (smtp.hosts.co.uk [85.233.160.19])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 8AC42E0AC1
	for <gentoo-user@lists.gentoo.org>; Tue, 12 Jan 2021 18:51:58 +0000 (UTC)
Received: from host86-157-192-59.range86-157.btcentralplus.com ([86.157.192.59] helo=[192.168.1.65])
	by smtp.hosts.co.uk with esmtpa (Exim)
	(envelope-from <antlists@youngman.org.uk>)
	id 1kzOln-0004BM-3a
	for gentoo-user@lists.gentoo.org; Tue, 12 Jan 2021 18:51:55 +0000
Subject: Re: [gentoo-user] preventing some IP's from from being logged in
 apache
To: gentoo-user@lists.gentoo.org
References: <936902e6-845f-1a84-b543-82d90a5d769f@sys-concept.com>
 <MQonUmi--3-2@tutanota.com>
 <b47fae06-8afe-62e9-035e-97ea3981f84d@sys-concept.com>
 <5448876.DvuYhMxLoT@iris>
 <984ad33e-50d1-1ae2-ccb7-0b24d23aab72@sys-concept.com>
From: antlists <antlists@youngman.org.uk>
Message-ID: <a3334ac2-118b-d0ea-584d-e195ba09fa5e@youngman.org.uk>
Date: Tue, 12 Jan 2021 18:51:53 +0000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101
 Thunderbird/78.6.0
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
MIME-Version: 1.0
In-Reply-To: <984ad33e-50d1-1ae2-ccb7-0b24d23aab72@sys-concept.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-GB
Content-Transfer-Encoding: 7bit
X-Archives-Salt: f5ecdcf7-c33f-4fc1-9c51-172e6607b9e5
X-Archives-Hash: 422e3e461f4ddc5a15331720b8f1ec1f

On 12/01/2021 17:11, thelma@sys-concept.com wrote:
> I wish they design blocking by country easier.

Unfortunately, IPv4 in particular, blocking by country is pretty much 
impossible because - due  to demand pressure - addresses are scattered 
pretty much randomly.

Especially with class A or B addresses, they might belong to a 
multi-national and be scattered all over the world, subnets might have 
been sold off, the rich world has bought a lot of addresses from the 
poor world, hacks might originate in country A but be carried out from a 
hijacked system in country B. Etc etc.

All these protocols etc originated in a much kinder era, and aren't 
designed to withstand abuse.

Cheers,
Wol