On Saturday 09 November 2019 04:01:32 to...@tuxteam.de wrote: > On Sat, Nov 09, 2019 at 03:36:49AM -0500, Gene Heskett wrote: > > On Saturday 09 November 2019 02:49:16 mett wrote: > > > On 2019年11月9日 16:30:57 JST, Gene Heskett <ghesk...@shentel.net> wrote: > > > >I have a list of ipv4's I want fail2ban to block. But amongst the > > > >numerous subdirs for fail2ban, I cannot find one that looks > > > > suitable to > > > > > > > >put this list of addresses in so the are blocked forever. Can > > > > someone more familiar with how fail2ban works give me a hand? > > > > These are the ipv4 addresses of bingbot, semrush, yandex etc etc > > > > that are DDOSing me by repeatedly downloading my whole site and > > > > using up 100% of my upload bandwidth. > > > > > > > >Thanks all. > > > > > > > >Cheers, Gene Heskett > > > >-- > > > >"There are four boxes to be used in defense of liberty: > > > > soap, ballot, jury, and ammo. Please use in that order." > > > >-Ed Howdershelt (Author) > > > >If we desire respect for the law, we must first make the law > > > >respectable. > > > > - Louis D. Brandeis > > > >Genes Web page <http://geneslinuxbox.net:6309/gene> > > > > > > Hi, > > > > > > In this case, better to use iptables > > > directly: > > > > > > iptables -I INPUT 14 -s IP.ADD.RE.SS -j DROP > > > > root@coyote:action.d$ iptables -I INPUT 14 -s 126.96.36.199 -j DROP > > ^^ > > This "14" is probably the culprit. > > > doesn't work gets: > > iptables: Index of insertion too big. Even as low as 8 > > This states at which position in the chain this rule is supposed > to be inserted at (the "rulenum" in the man page). If you haven't > an INPUT chain with at least 13 rules already in it (which I don't > think you have), then the error message makes sense. > > For a first experiment, just leave that "14" out (-I doesn't > require a rule number and inserts, by default, at the beginning, > which in general makes sense). I'd try instead: > > iptables -I INPUT -s IP.ADD.RE.SS -j DROP > I went back to 2, and built back to 10, which got enough of them to get some peace from their DDOSing.
> Cheers > -- t Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) If we desire respect for the law, we must first make the law respectable. - Louis D. Brandeis Genes Web page <http://geneslinuxbox.net:6309/gene>