Re: [CentOS] ipset and blacklisting
> -Original Message- > From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On > Behalf Of tdu...@palmettoshopper.com > Sent: Wednesday, September 21, 2016 9:10 AM > To: CentOS mailing list <centos@centos.org> > Subject: Re: [CentOS] ipset and blacklisting > I do a: > > ipset save blacklist, and service ipset save > > I use three scripts: > > access_log_ips.sh Thanks, I need to do this myself. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ipset and blacklisting
Original Message Subject: Re: [CentOS] ipset and blacklisting From: "Albert McCann" <mac...@newsguy.com> Date: Wed, September 21, 2016 5:34 am To: "'CentOS mailing list'" <centos@centos.org> How are you saving and reloading the ipsets over a reboot? > -Original Message- > From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On > Behalf Of TE Dukes > Sent: Tuesday, September 20, 2016 9:46 PM > To: 'CentOS mailing list' <centos@centos.org> > Subject: [CentOS] ipset and blacklisting > > This is what ipset can do for traffic on a home server that's not wanted > on > a slow 6MB DSL connection. > > http://palmettoshopper.com/httpd_traffic.jpg > > I only use my home server for zoneminder, testing my commercial website > and > streaming movies. > > Got tired of hackers looking for files that don't exist on my home server > and non-complying robots. > > Check the drop in bandwidth. > > Setup up a redirect to the NSA webite. They can deal with the hackers. > > HTH > I do a: ipset save blacklist, and service ipset save I use three scripts: access_log_ips.sh #!/bin/bash ## cp /root/blacklist /root/blacklist.old sed -e 's/\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\).*$/\1/' -e t -e d /var/log/httpd/access_log | sort | uniq > blacklist exit 0 import_blacklist.sh #!/bin/bash ## sed s/,/\\n/g /root/blacklist |while read i; do ipset add blacklist $i /usr/sbin/ipset save blacklist # rm -f /root/blacklist.old done and most importantly so I don't ban myself, ipset_whitelist.sh #!/bin/bash ## ipset del blacklist 192.168.1.102 ipset del blacklist 192.168.1.110 ipset del blacklist 107.161.163.5 ipset del blacklist 24.168.204.125 ipset del blacklist 107.161.163.4 ipset del blacklist 66.87.133.247 ipset del blacklist 107.161.163.10 ipset del blacklist 192.240.96.67 ipset del blacklist 107.161.163.8 ipset del blacklist 192.240.96.133 ipset del blacklist 127.0.0.1 ipset save blacklist service ipset save exit 0 I combined the three in another script that runs 4 times a day. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ipset and blacklisting
How are you saving and reloading the ipsets over a reboot? > -Original Message- > From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On > Behalf Of TE Dukes > Sent: Tuesday, September 20, 2016 9:46 PM > To: 'CentOS mailing list' <centos@centos.org> > Subject: [CentOS] ipset and blacklisting > > This is what ipset can do for traffic on a home server that's not wanted > on > a slow 6MB DSL connection. > > http://palmettoshopper.com/httpd_traffic.jpg > > I only use my home server for zoneminder, testing my commercial website > and > streaming movies. > > Got tired of hackers looking for files that don't exist on my home server > and non-complying robots. > > Check the drop in bandwidth. > > Setup up a redirect to the NSA webite. They can deal with the hackers. > > HTH > > > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] ipset and blacklisting
This is what ipset can do for traffic on a home server that's not wanted on a slow 6MB DSL connection. http://palmettoshopper.com/httpd_traffic.jpg I only use my home server for zoneminder, testing my commercial website and streaming movies. Got tired of hackers looking for files that don't exist on my home server and non-complying robots. Check the drop in bandwidth. Setup up a redirect to the NSA webite. They can deal with the hackers. HTH ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos