Re: [SSHGuard-users] performance when using firewalld: adding/removing many entries at once

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

On 8/27/20 10:14 AM, Christopher Engelhard wrote:
> firewall-cmd itself talks to firewalld via the DBus interface, so one
> could maybe save some time by using DBus directly, if firewall-cmd is in
> fact the culprit.
> 
> The direct interface bypasses firewalld and sends stuff directly to the
> underlying firewall backend, which might be a problem because that
> backend could be iptables or nftables or whatever else firewalld supports.

I see, firewalld is already one layer of indirection.

I wonder how firewalld talks to its underlying backends? Could that be
the culprit? SSHGuard does install iptables and nft backends, too.

Re: [SSHGuard-users] performance when using firewalld: adding/removing many entries at once

Intelligently block brute-force attacks by aggregating system logs

Re: [SSHGuard-users] performance when using firewalld: adding/removing many entries at once