On Fri 21/Jun/2024 10:55:53 +0200 Jeff Pang wrote:
Here is the drop list by iptables,
https://cloud.hostcache.com/drop.list
can you help take a look?
Of those 2805 addresses, 2726 are also on my block db, 79 are not.
That db currently holds 2,014,973 records. Rather than ipset or single
iptables rules, the IPs are stored on a Berkeley DB. They get blocked by a few
iptables rules ending in -j NFQUEUE. That passes the packet to a userspace
daemon which consults the database and decides whether to drop the packet or
not. See https://savannah.nongnu.org/projects/ipqbdb/
It's much more do-it-yourself than fail2ban.
It would be instructive to find a way to measure the server's slackening before
changing method. It is a memory vs. disk question.
Best
Ale
--
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
