--On Friday, August 02, 2019 2:18 PM -0500 Mike <[email protected]> wrote:
> I had been using a special ruleset I created in F2B, but those require timeouts and seem to only work with single IPs, so I'm thinking I need to create some scripts that will do this outside of F2B?
Use ipset to manage the list and iptables to insert the rule that uses the list. I do this to block all non-US countries from my authenticated services, at least for those identified by port number (e.g. submission, imap, ssh). (I can't do this for HTTP because authentication uses the same port as legitimate non-authenticated visitors.)
If your distro uses firewalld, you can use its support for ipsets to maintain your list in a simple XML format and create a "direct" rule that drops members of that list. Otherwise, I think the latest ipset package can load your sets at boot time and the iptables "service" can install a rule.
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
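The ipset-plus-iptables approach described in the reply above, as an added POSIX shell example that is not part of the thread. The set name `authblock`, the port list 22,587,993 (ssh, submission, imaps) and the input file format (one IP or CIDR per line, `#` comments allowed) are assumptions. It uses a `hash:net` set so that whole ranges, not only single addresses, can be listed, rebuilds the set in a temporary set and swaps it in so the live list is never half-empty, and defaults to `DRY_RUN=1`, printing the ipset/iptables commands instead of executing them, so it can be reviewed without root.

```shell
#!/bin/sh
# Added example, not code from the fail2ban-users thread.
# Builds an ipset blocklist from a file of IPs/CIDRs and inserts one iptables
# rule that drops members of that set on the authenticated-service ports.
# Assumed names: set "authblock", ports 22,587,993. DRY_RUN=1 (default) only
# prints the commands; set DRY_RUN=0 and run as root to apply them.

SET_NAME="${SET_NAME:-authblock}"
PORTS="${PORTS:-22,587,993}"
DRY_RUN="${DRY_RUN:-1}"

# Print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# load_set FILE: (re)build the set from FILE atomically.
# hash:net accepts both single addresses and CIDR ranges (hash:ip would not).
# The entries go into a temporary set which is then swapped into place, so the
# live set is replaced in one step rather than flushed and refilled.
load_set() {
    file="$1"
    run ipset create "$SET_NAME" hash:net -exist
    run ipset create "${SET_NAME}-tmp" hash:net -exist
    run ipset flush "${SET_NAME}-tmp"
    while IFS= read -r line || [ -n "$line" ]; do
        entry="${line%%#*}"                               # strip trailing comment
        entry=$(printf '%s' "$entry" | tr -d '[:space:]')  # strip whitespace
        if [ -z "$entry" ]; then
            continue
        fi
        case "$entry" in
            *[!0-9./]*)                                    # only digits, dots, slash allowed
                echo "skip invalid entry: $entry" >&2
                continue
                ;;
        esac
        run ipset add "${SET_NAME}-tmp" "$entry" -exist
    done < "$file"
    run ipset swap "${SET_NAME}-tmp" "$SET_NAME"
    run ipset destroy "${SET_NAME}-tmp"
}

# install_rule: insert the DROP rule at the top of INPUT, once.
# In live mode "iptables -C" checks whether the rule already exists so that
# re-running the script does not stack duplicate rules.
install_rule() {
    if [ "$DRY_RUN" != "1" ] && iptables -C INPUT -p tcp -m multiport --dports "$PORTS" \
        -m set --match-set "$SET_NAME" src -j DROP 2>/dev/null; then
        return 0
    fi
    run iptables -I INPUT -p tcp -m multiport --dports "$PORTS" \
        -m set --match-set "$SET_NAME" src -j DROP
}

# Usage: sh blocklist.sh /etc/authblock.txt  (no argument: functions only)
if [ -n "$1" ]; then
    load_set "$1"
    install_rule
fi
```

The set lives in kernel memory, so after applying it for real, persist it with `ipset save` and restore it before the iptables rule at boot (the reply notes the ipset package and the iptables service can do this); on a firewalld system the same list would instead be kept as a firewalld ipset and referenced from a direct rule, as the reply suggests. Because the rule matches the source address only, it cannot distinguish authenticated from anonymous HTTP clients, which is the limitation the reply describes for port 80/443.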
