On 06/20/2014 01:50 PM, Mike C. wrote:
>>
>> Anyone have experience with using IPSET on Debian? I'm pretty new to
>> Debian and my Google Foo seems to be barred from finding decent answers.
>> This is my second or third go-round looking for it. In fact I saw my
>> earlier posting to the list about this.
>>
>> So any pointers, clue-sticks, etc. would be appreciated.
>>
>>
>> \\||/
>> Rod
>>
>
Thanks Mike.
> I've been running Debian for about a decade now, hadn't heard of this and
> was curious about it. A quick google search returned 3 useful articles:
My Google Foo was lacking.
I did find the Linux Journal article and that is when I really got
interested in IPSET.
The other two did not show up in any of my searches. They are now
book marked.
I may have to adjust my use case. I am migrating from CentOS and tended
to use hard coded iptables rules in /etc/sysconfig/iptables. So I'm
trying to figure out how to have some of the IPSET tables preloaded on
boot before iptables is started. I am using the iptables-persistent
package to make the migration easier.
Looking back to my first attempt I see and remember I found a method to
do this. I requires some modifications to the
/etc/init.d/iptables-persistent script. I put the code in but commented
it out until I know what I am doing. I really should stand up a test
machine. Oh well one more thing on the tuit list of a round type.
Again thanks for the finds on the two other sites.
\\||/
Rod
--
>
> http://daemonkeeper.net/781/mass-blocking-ip-addresses-with-ipset/
>
>> http://www.linuxjournal.com/content/advanced-firewall-configurations-ipset
>> http://blog.robin.smidsrod.no/2011/10/07/autoblock-sshd-dictionary-attacks
>
>
> -- HTH
> _______________________________________________
> PLUG mailing list
> [email protected]
> http://lists.pdxlinux.org/mailman/listinfo/plug
>
_______________________________________________
PLUG mailing list
[email protected]
http://lists.pdxlinux.org/mailman/listinfo/plug
