On 11/11/2020 03:00, Kenneth Porter wrote:
--On Tuesday, November 10, 2020 9:48 AM -0500 Robert Kudyba
<rkud...@fordham.edu> wrote:
Here's another useful resource: https://iptoasn.com/
Any idea how to download the list and update /etc/hosts on a regular
basis?
I don't, but haven't messed with it much. I haven't tried the API.
When stuff like that doesn't work, I take Obi-wan's advice: Use the
source, Luke! :D There's a link at the bottom of the page to the web
service source code on GitHub.
Instead of /etc/hosts, I'd load the values into an ipset, probaby
using firewalld's commands to make them persistent and to reference
them in a "direct" iptables rule.
...... and when updating them, rather than manipulate the current set
(e.g "myset"), load them into a new set (e.g "myset-temp") then just
swap the sets over as you can't destroy a set while it is in use by a
firewall rule and it saved you diffing the old an new values to
manipulate the current set line by line.
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
