repeated hack attempts from domains not ip's and APF

Hi,

Occasionally i get hacks from domains rather than ip's and APF bans them like so:

/etc/apf/apf -d caronte.kion.it


However i then get repeated attempts - presumably they are able to change to a different IP, and still get in.

There's one going on right now, so how could i setup a rule to ban *kion.it or even temporarily *.it?

Many thanks,
Dan

 

 

 

 

Top