On Sat, Nov 09, 2019 at 03:36:49AM -0500, Gene Heskett wrote:
> On Saturday 09 November 2019 02:49:16 mett wrote:
> 
> > On November 9, 2019 16:30:57 JST, Gene Heskett <ghesk...@shentel.net> wrote:
> > >I have a list of ipv4's I want fail2ban to block. But amongst the
> > >numerous subdirs for fail2ban, I cannot find one that looks suitable
> > >to put this list of addresses in so they are blocked forever.  Can
> > >someone more familiar with how fail2ban works give me a hand?  These
> > >are the ipv4 addresses of bingbot, semrush, yandex etc etc that are
> > >DDOSing me by repeatedly downloading my whole site and using up 100%
> > >of my upload bandwidth.
> > >
> > >Thanks all.
> > >
> > >Cheers, Gene Heskett
> > >--
> > >"There are four boxes to be used in defense of liberty:
> > > soap, ballot, jury, and ammo. Please use in that order."
> > >-Ed Howdershelt (Author)
> > >If we desire respect for the law, we must first make the law
> > >respectable.
> > > - Louis D. Brandeis
> > >Genes Web page <http://geneslinuxbox.net:6309/gene>
> >
> > Hi,
> >
> > In this case, better to use iptables directly:
> >
> > iptables -I INPUT 14 -s IP.ADD.RE.SS -j DROP
> root@coyote:action.d$ iptables -I INPUT 14 -s 73.229.203.175 -j DROP
                                          ^^

This "14" is probably the culprit.

> doesn't work gets:
> iptables: Index of insertion too big.  Even as low as 8

This states at which position in the chain this rule is supposed
to be inserted (the "rulenum" in the man page). If you haven't
an INPUT chain with at least 13 rules already in it (which I don't
think you have), then the error message makes sense.

For a first experiment, just leave that "14" out (-I doesn't
require a rule number and inserts, by default, at the beginning,
which in general makes sense). I'd try instead:

  iptables -I INPUT -s IP.ADD.RE.SS -j DROP

Cheers
-- t
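
Added example, not part of the original message: a dry-run shell sketch of the two points in this thread, checking a rulenum against the chain length before using `-I`, and turning an address list into `-I INPUT` DROP commands without a rulenum. The function names, the sample `iptables -S INPUT` output and the address list are constructed for illustration; the script only processes text and prints commands.

```shell
#!/bin/sh
# Added example: text processing only, nothing here calls iptables.

# Constructed sample of `iptables -S INPUT` output: policy line plus 3 rules.
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'

# Constructed block list (documentation address ranges), with a comment,
# a duplicate and an invalid entry.
SAMPLE_LIST='# crawlers
192.0.2.10
198.51.100.7   # second crawler
192.0.2.10
203.0.113.300'

# Largest rulenum "-I CHAIN rulenum" accepts: existing rules + 1.
# Reads `iptables -S CHAIN` output on stdin; only "-A" lines are rules.
max_rulenum() {
    awk '/^-A / { n++ } END { print n + 1 }'
}

# rulenum_ok N: succeeds if N is a valid insert position for the chain on stdin.
rulenum_ok() {
    max=$(max_rulenum)
    [ "$1" -ge 1 ] && [ "$1" -le "$max" ]
}

# Reads one IPv4 address per line; prints one DROP command per valid, unique
# address, without a rulenum so each rule goes to the top of INPUT.
gen_drop_rules() {
    awk '
    { sub(/#.*/, ""); gsub(/[ \t\r]/, "") }
    $0 == "" { next }
    {
        ok = ($0 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/)
        n = split($0, o, ".")
        for (i = 1; ok && i <= n; i++) if (o[i] + 0 > 255) ok = 0
        if (!ok) { print "skipped: " $0 > "/dev/stderr"; next }
        if (!seen[$0]++) print "iptables -I INPUT -s " $0 " -j DROP"
    }'
}

printf '%s\n' "$SAMPLE_RULES" | rulenum_ok 14 ||
    echo "rulenum 14 rejected; valid range is 1..$(printf '%s\n' "$SAMPLE_RULES" | max_rulenum)"
printf '%s\n' "$SAMPLE_LIST" | gen_drop_rules
```

On a real host the chain text would come from `iptables -S INPUT` and the address list from a file; the printed commands can be reviewed before being run as root.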
