Testing & Blocking an Address

So, you might want to have a quick-start for blocking your first address using RBL. To do so, we first start the jwall-rbld as noted above and check that the address 172.16.0.1 returns code NXDOMAIN on queries:

# dig @127.0.0.1 -p 15353 1.0.16.172.rbl.localnet

The dig command can be used to isse DNS queries. In the above case, there will be a DNS query send to 127.0.0.1:15353, asking for the address of 1.0.16.172.rbl.localnet. The response should be a NXDOMAIN message.

Blocking an Address

Next, we start by accessing jwall-rbld's admin interface using telnet, which will provide you with the following prompt:

# telnet 127.0.0.1 15354

   jwall.org RBL Server v0.1
   -------------------------

   Welcome to the jwall-rbl server, Version v0.1
   This interface allows you to manage the block-list of this server.
   Type 'help' to get an overview of the available commands!

>

You can use the block command to add the address 172.16.0.1 to your block-list for 600 seconds (i.e. 10 minutes):

> block 172.16.0.1 600

Now, to verify the blocking, we query the server again, using dig:

# dig @127.0.0.1 -p 15353 1.0.16.172.rbl.localnet

This time, the response should resolve to 127.0.0.1:

# dig @127.0.0.1 -p 15353 1.0.16.172.rbl.localnet

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55218
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;1.0.16.172.rbl.localnet.		IN	A

;; ANSWER SECTION:
1.0.16.172.rbl.localnet.	598	IN	A	127.0.0.1
	

Testing & Querying jwall-rbld

For a quick test, you can use for example the dig command to send queries to your new jwall-rbld. To check whether the address 172.16.0.1 is contained on your block list, simply issue the command:

dig @127.0.0.1 -p 15353 1.0.16.172.rbl.localnet

Using the block command within your telnet session, you can add addresses to your block list, e.g. by running:

> block 172.16.0.1 600

which will cause the jwall-rbld to block the specified IP for 600 seconds.