Menu
▾
▴
Re: [mod-security-users] apache 2 mod_security iptables
|
From: Reindl H. <h.r...@th...> - 2020-12-26 09:45:29
|
Am 26.12.20 um 10:42 schrieb Reindl Harald: > > > Am 26.12.20 um 10:11 schrieb jin&hitman&Barracuda: >> Hi, >> >> I've used failban for a bunch of smtp servers and it didn't go well. >> But there is another project (crowdsec) and i guess that it is worth >> to mention here. The project have many features which failban don't >> have. I haven't try it yet but i will soon. May be you'd like to look >> at it. >> >> Crowdsec: A Fail2Ban alternative written in Go - >> https://github.com/crowdsecurity/crowdsec >> <https://github.com/crowdsecurity/crowdsec> >> >> By the way, while i was using failban, i had a script (which i wrote) >> to add/remove ip adresses to openbsd firewall which is a lot easier >> than iptables. > > you don't write iptables rules for each and every address > > https://ipset.netfilter.org/ is your friend > https://ipset.netfilter.org/ipset.man.html > > * you have *one* iptables rule with the ipset match > * one command adds or removes and ip to the set > * it's dramatically faster -> hash-table > * you can block millions of ips without performance drop forgot the most important feature: it supports auto-expire you only care about add abusers [root@firewall:~]$ ipset -L BLOCKED_DYNAMIC_PORTSCAN_IPV4 | head -n 50 Name: BLOCKED_DYNAMIC_PORTSCAN_IPV4 Type: hash:ip Revision: 4 Header: family inet hashsize 1024 maxelem 65536 timeout 45 Size in memory: 98504 References: 3 Number of entries: 266 Members: 68.183.38.8 timeout 28 222.161.223.54 timeout 44 91.231.254.219 timeout 31 51.159.185.247 timeout 11 51.158.186.43 timeout 23 37.46.150.2 timeout 3 42.191.21.171 timeout 40 51.158.168.219 timeout 9 151.115.60.156 timeout 29 123.17.99.37 timeout 37 51.15.139.1 timeout 37 51.158.101.159 timeout 41 151.115.34.215 timeout 43 74.120.14.73 timeout 4 80.82.65.74 timeout 1 46.73.126.93 timeout 21 182.61.19.225 timeout 21 74.120.14.80 timeout 8 45.129.33.154 timeout 10 45.129.33.162 timeout 19 94.102.51.28 timeout 28 188.166.82.19 timeout 23 49.51.244.189 timeout 28 71.6.233.196 timeout 15 182.73.150.18 timeout 18 151.115.50.105 timeout 33 71.6.233.244 timeout 23 167.248.133.65 timeout 11 163.172.139.239 timeout 26 92.63.197.61 timeout 41 167.248.133.93 timeout 25 194.26.25.108 timeout 32 162.142.125.92 timeout 20 1.202.11.206 timeout 5 5.63.151.112 timeout 16 51.158.119.240 timeout 16 87.103.208.30 timeout 22 192.35.169.33 timeout 18 51.158.100.175 timeout 35 151.115.44.238 timeout 13 45.129.33.166 timeout 20 223.31.231.202 timeout 29 [root@firewall:~]$ |
