On 9 November 2019 16:30:57 JST, Gene Heskett <ghesk...@shentel.net> wrote:
>I have a list of ipv4's I want fail2ban to block. But amongst the 
>numerous subdirs for fail2ban, I cannot find one that looks suitable to
>put this list of addresses in so they are blocked forever.  Can someone 
>more familiar with how fail2ban works give me a hand?  These are the 
>ipv4 addresses of bingbot, semrush, yandex etc etc that are DDOSing me 
>by repeatedly downloading my whole site and using up 100% of my upload 
>bandwidth.
>
>Thanks all.
>
>Cheers, Gene Heskett
>-- 
>"There are four boxes to be used in defense of liberty:
> soap, ballot, jury, and ammo. Please use in that order."
>-Ed Howdershelt (Author)
>If we desire respect for the law, we must first make the law
>respectable.
> - Louis D. Brandeis
>Genes Web page <http://geneslinuxbox.net:6309/gene>

Hi,

In this case, better to use iptables directly:

iptables -I INPUT 14 -s IP.ADD.RE.SS -j DROP 

- where I is for "Insert"
- 14 is the line number of insertion
- where s is for "source"
- where j is for "jump to"
- also, you can check the current table
  with line numbers by issuing:
  iptables -L -nv --line-numbers

You can even script it for availability
across reboots.

By the way, depending on the Debian version,
iptables might have been replaced by nft.

hth!
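
Added example, not part of the reply above: one way to script the suggested `iptables -I INPUT ... -s ... -j DROP` command over a whole list of addresses so it can be re-run after a reboot. The function names, the list format (one address per line, `#` comments) and the sample addresses are assumptions made for illustration; the script only prints commands.

```shell
#!/bin/sh
# Added example: build idempotent iptables DROP commands from a blocklist.
# It only prints commands; nothing is applied unless the output is run as root.

# valid_ipv4 ADDR: succeed only for a dotted quad with an optional /0-32 prefix.
# Strict validation matters because the output is meant to be fed to a shell.
valid_ipv4() {
    addr=${1%%/*}
    case $1 in */*) prefix=${1#*/} ;; *) prefix=32 ;; esac
    case $prefix in ''|???*|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# block_rules [POSITION] < list: one command per unique valid entry.
# POSITION is the rule number for "iptables -I INPUT" (the reply used 14).
block_rules() {
    pos=${1:-1}
    case $pos in ''|*[!0-9]*) return 1 ;; esac
    seen=' '
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')   # drop comments, blanks
        [ -n "$line" ] || continue
        if ! valid_ipv4 "$line"; then
            printf 'skipping invalid entry: %s\n' "$line" >&2
            continue
        fi
        case $seen in *" $line "*) continue ;; esac         # skip duplicates
        seen="$seen$line "
        # -C checks for an existing rule, so re-running at boot adds nothing twice
        printf 'iptables -C INPUT -s %s -j DROP 2>/dev/null || iptables -I INPUT %s -s %s -j DROP\n' \
            "$line" "$pos" "$line"
    done
}

# Constructed sample list (documentation address ranges, not real crawlers).
sample_list() {
    printf '%s\n' '# blocklist' '192.0.2.10' '198.51.100.7   # crawler' \
        '203.0.113.0/24' '192.0.2.10' '300.1.2.3' 'not-an-ip'
}

sample_list | block_rules 14   # dry run: prints three commands
```

Running the printed commands requires root, and the insert position must not be larger than the number of rules already in INPUT plus one.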
