At 08:55 AM 8/5/2019, Robert Kudyba wrote:
Have you guys seen the sync-blacklist script from
<https://gist.github.com/klepsydra/ecf975984b32b1c8291a#gistcomment-2038935>https://gist.github.com/klepsydra/ecf975984b32b1c8291a#gistcomment-2038935
or
f2b-badips-to-hostsdeny.sh from
<https://github.com/mitchellkrogza/fail2ban-useful-scripts/blob/master/f2b-badips-to-hostsdeny.sh>https://github.com/mitchellkrogza/fail2ban-useful-scripts/blob/master/f2b-badips-to-hostsdeny.sh
That's interesting and informative.
I took a look at the script and based on my tests, it basically does
an IP ban of every IP on the blocklist, which is currently over
29,000 IPs. I was hoping perhaps that utility 'sipcalc' might
intelligently identify subnets and consolidate the ipsets into CIDR
ranges, but it wasn't doing that in my tests.
So this creates a rather huge IP blocklist. I assume this is rather
resource intensive?
This is a neat idea, but I want to take it further to identify CIDR
ranges and create a class A,B,C-based blocklist that doesn't have so
many entries.
Does anybody know of a utility that can take a large list of IP
addresses and consolidate them into range blocks? _______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
