Re: [Fail2ban-users] Updateing Ip.Blacklist

Thu, 22 Feb 2018 14:12:16 -0800

Isn't f2b overkill for this? Can't you do it with a single iptables rule calling an ipset set? I do it a lazy way because I could not be bothered to script a loop. Something like: 

   ipset create custom-block hash:net -exist
   ipset flush custom-block

   if [ "$FW_PROTO" == "ipv4" ]; then true
        $IPTABLES -I INPUT -m set --match-set custom-block src -m state
   --state NEW -j DROP
        #$IPTABLES -I INPUT -m set --match-set custom-block src -m
   state --state NEW -j LOG --log-prefix "Custom_Block"
   fi

   ipset add -exist custom-block 1.160.40.0/22
   ipset add -exist custom-block 1.162.168.0/21
   ipset add -exist custom-block 1.162.232.0/21
   ipset add -exist custom-block 24.51.113.156
   ipset add -exist custom-block 27.38.21.199


Nick

On 22/02/2018 21:42, Philip wrote:
I have a script that logs IP's into a file and then like the rest of the logs when it's updated Fail2Ban does what it does and bans the IP. You just set up a jail and it works like all the other logs... 

On 04/02/2018 23:15, Maurizio Caloro wrote:


Hello Together
Please i have write form e a little script to autoupdate me Ip.Balcklist, the question that i have are, if this are update i need to restart the Fail2ban Service?
And if i restart this service i will become ca.2000 emails from fail2ban with ip that are banned! It’s this also correct? 

Regards

Mauri



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!http://sdm.link/slashdot


_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users




------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot


_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Reply via email to