|
|
|
|
|
|
by Joel_Mckay
899 days ago
|
|
|
In general, hobbyists will add the rule updates via a firewall whisper command override in fail2ban. For example, shorewall/shorewall6 has rule set optimization for blrules (be warned single threaded Perl can take awhile for 300k IPs, and quick-boot rule-caching should be off during initial configuration). I also use a crude ban-list generator script for certain persistently annoying country codes poking around, that currently imports a lot of iblocklist, spamhaus, known compromised IP posts on dodgy forums, and malformed whois records. Yes it is rude to black-hole entire countries, but these same areas often tend to ruin the games with lagged connections and lame vulnerability/exfiltration scans. https://www.youtube.com/watch?v=eGOtZDk6wRc |
|
|