I currently have Google services blocked but have a payment website I need to enable that has a reCAPTCHA box on it. I need some help on how to accomplish this, while keeping Google services (search engine, email, etc.) blocked.

You create an allow rule coming before the block rules. Use tail -f /var/log/messages while connecting to the reCAPTCHA server to see the IP address to allow.

Thanks for the reply - I’m sorry, but I don’t know how to do that.

Which part do you not understand? Creating a rule in the firewall, or checking the logs while connecting to the reCAPTCHA machine?

The logs portion

You SSH to the IPFire machine. Once you log in, you are in a console environment. Then, you issue the following command:

tail -f /var/log/messages

That command will open the kernel logs of IPFire and it will show the last few entries, as they happen. To exit, you press Ctrl-C.

This way you see everything IPFire is doing. At this moment, when you engage the captcha machine, you will see the kernel logging the packets being dropped. There you will see everything, including the source IP address.

With that information you open the firewall to that IP address or, if the IPs rotate, an entire class of addresses (you need to find out this info, as you cannot use a DNS name for writing firewall rules).
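An added example, not part of the original posts: a small shell function that tallies the dropped packets in the log by destination address and port, so the addresses to put in the allow rule stand out from the noise. The `DROP_` log prefix, the field layout of the sample lines and all IP addresses (documentation ranges) are assumptions constructed for illustration.

```shell
#!/bin/sh
# Tally firewall drops by destination, optionally for one client only.
# Usage: summarize_drops [client_ip] < log    -> lines of "count dst proto/dport"
# Assumes iptables-style kernel log lines tagged with a DROP_ prefix.
summarize_drops() {
    awk -v src="${1:-}" '
    /DROP_/ {
        dst = ""; proto = ""; dpt = ""
        from_client = (src == "")          # no filter given: accept every drop
        for (i = 1; i <= NF; i++) {
            if ($i == "SRC=" src)      from_client = 1
            else if ($i ~ /^DST=/)     dst   = substr($i, 5)
            else if ($i ~ /^PROTO=/)   proto = substr($i, 7)
            else if ($i ~ /^DPT=/)     dpt   = substr($i, 5)
        }
        if (from_client && dst != "") seen[dst " " proto "/" dpt]++
    }
    END { for (k in seen) print seen[k], k }
    ' | sort -k1,1nr -k2,2                 # busiest destination first
}

# Constructed sample log lines (not captured from a real system).
sample_log() {
cat <<'EOF'
Jan 10 12:00:01 ipfire kernel: DROP_FORWARD IN=green0 OUT=red0 SRC=192.168.1.50 DST=203.0.113.10 LEN=60 TTL=63 PROTO=TCP SPT=50000 DPT=443 SYN
Jan 10 12:00:02 ipfire kernel: DROP_FORWARD IN=green0 OUT=red0 SRC=192.168.1.50 DST=203.0.113.10 LEN=60 TTL=63 PROTO=TCP SPT=50001 DPT=443 SYN
Jan 10 12:00:03 ipfire kernel: DROP_FORWARD IN=green0 OUT=red0 SRC=192.168.1.50 DST=198.51.100.7 LEN=60 TTL=63 PROTO=TCP SPT=50002 DPT=443 SYN
Jan 10 12:00:04 ipfire kernel: DROP_FORWARD IN=green0 OUT=red0 SRC=192.168.1.99 DST=192.0.2.1 LEN=70 TTL=63 PROTO=UDP SPT=40000 DPT=53
Jan 10 12:00:05 ipfire kernel: usb 1-1: new high-speed USB device number 2
Jan 10 12:00:06 ipfire kernel: DROP_INPUT IN=red0 OUT= SRC=198.51.100.200 DST=192.0.2.5 LEN=44 TTL=240 PROTO=TCP SPT=45000 DPT=22 SYN
EOF
}

# Drops caused by the test client while loading the payment page.
sample_log | summarize_drops 192.168.1.50
```

On the firewall itself, feed it a finite slice of the log taken right after loading the page, for example `tail -n 500 /var/log/messages | summarize_drops 192.168.1.50`, since the summary is only printed once the input ends.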

Ok - I understand that - Thanks for taking the time to explain. I’m still learning a lot of this. I was able to find the IP address of reCAPTCHA on Google’s website. It looks like they rotate and you have to add the IP addresses of all their servers which allows other Google services.