On 11/9/2019 8:30 AM, Gene Heskett wrote:
> I have a list of ipv4's I want fail2ban to block. But amongst the
> numerous subdirs for fail2ban, I cannot find one that looks suitable to
> put this list of addresses in so the are blocked forever.  Can someone
> more familiar with how fail2ban works give me a hand?  These are the
> ipv4 addresses of bingbot, semrush, yandex etc etc that are DDOSing me
> by repeatedly downloading my whole site and using up 100% of my upload
> bandwidth.
> Thanks all.
> Cheers, Gene Heskett

Rather then to use fail2ban for this, I would create un ipset that
fail2ban can populate then use that ipset in iptables.

One advantage of this is that you can add/delete ip from the ipset
without having to restart fail2ban/iptables.

John Doe

Reply via email to