Blocking Territories - Airtime Development Discussions on Sourcefabric Forum

Roger Wilco

Hello! Looking for creative ideas on how to block incoming listening requests from specific locations. What's the best way to go about it? Figure iptables is the best tool to handle it, but that's just a guess. Thoughts anyone? 8-}

Albert FR

you can do that with iptables, /etc/hosts.deny and .htaccess

Roger Wilco

/etc/hosts.deny and .allow is probably the most efficient route with the least amount of overhead, correct? It's certainly the easiest to configure, imho.

Albert FR

depending of your server,
but yes

Roger Wilco

Evidently hosts.deny + .allow isn't honored by Icecast2, and it's depreciated anyway. Is that right? Already have a pair of entries in iptables to shift traffic from port 8000 down to port 80. Whether or not that's even a good idea is beyond this space monkey... :(|)

Albert FR

into icecast config change user to root into /etc/default/icecast an give the port 80 into icecast.xml
(don't forget to chroot your icecast)
but with this config no apache :D

Roger Wilco

It's really that simple to get icecast to snatch port 80 natively? I'll have to try that here tonight! Running icecast on a separate server is the way to go, so no worries about apache!

Now, if I could just ban connections from .cn and other shifty TLDs without resorting to tables and tables full of IP blocks, I'd be a happy puppy... :o3

Howdy, Stranger!

Categories

Poll

Top Posters