-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 30-11-14 17:11, fail2ban list wrote: > This is my first post, so don't hate on me too much. I did search > the archive for BGP before posting, so hopefully it hasn't been > covered. > > I am looking to point Fail2Ban at a centralized syslog server (I > know I'd have to get the desired logs here first), complain to the > whois abuse contact (which I'm working on for my single server > setups) and then insert that IP address as a BGP blackhole. I see > how to add it as a local route blackhole, but I'm not sure how to > do the BGP part. I assume that I'd have to install a BGP daemon > locally or SSH into one (perhaps one I also use as a route > reflector?) and execute a command to insert a blackhole route. > > Has anyone done this? > > Can I do a second (or third) action in addition to that to remote > into off-net boxes and add it to their routes. I'd like to prefer > to do it via routes as routes has less load than a firewall. >
It sounds like a difficult task with a small gain. The amount of cpu cycles spared by using routes vs iptables is probably useless once you start using a python program that can tail logfiles (i.e. run fail2ban). Tom -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJUe0ngAAoJEJPfMZ19VO/1yMQQANDEBE3iEa6fMSEUmovqCEny XD9NnLayNT1Lkl0NZnUV7J+9VOVV6a6+q8c7WiCu52bnKIiE756erWVwDnWRnIHb 1vaK/+xWdt43l+c9b0nU8iT6pS7qIERJmAGfZz6wcv0mZBnsaQYBioI2kudV1X42 oaIxYS3vLF7cAqst610jMIH9y7WA8DzgXzDErs/MZYMVYq0BRZVfYiIi0Nwu7oet 15gr2wiYcmXjRLQlmlXD5zHrHsMbTjmr7lMM2FP9sCyECPiCa3Gukh/8RlQbb7cl xScZUtCtCQV+CaeKzg2heo++Z5ndM9rpx5rJ5YhXlmDQ6C+8/iH5D5UheaTgKWMr g0J/bbgbHb74TyaQkMlfk8TAWzyxs+ramcZaXgraYhvFvxlhitL8WswbPiBTWBHj ifWfh9Y4AgyAbCmySE0/GKwYgi2W9ui+03pyhUqS2v4Hyu8s/MIatNixkyPlGYfh HZV/gEY5K2ZsK/mjmoGxQHNTuMIVOUY94sjOyqdtfGsyEE2uF3aZ6bj2WMQ1t2dq NGkR/LfAU5C1uPftfVOGJqevqCUkI/o4FW3u9+DzAg35sOlmrvW33OpMTQlWsNUb G5m4Rvea3B1BD/VFVl/Bx6+KymdhwCRMVn8KFEwuZ5sESaKJi+0aELpe/7bQZoRp Lsxmz6YdBXo6xAb+6AIZ =6mC5 -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
