I have a little Ansible play that gathers data from the 3 machines I administer & another python scripts that puts them in the drop.xml file for firewalld to ingest. Then I use one more ansible play to push it back to all 3 machines. I drastically reduced the look back time so I switched back to the sqlite backend. So I also gather the db files and combine all bans listed into the drop.xml file. The only down side is with something like 11,800 ISP in the drop zone it takes about 30 or 40 seconds for the firewall to come back up after a reload.
On Wed, 2020-04-01 at 18:01 -0700, Kenneth Porter wrote: > On 4/1/2020 5:44 PM, Harrison Johnson wrote: > > This keeps me slightly ahead of the asshats. > > > > https://www.ip2location.com/free/visitor-blocker > > That's quite cool. With a little work the CIDR format could be > converted > to an ipsets file for firewalld or fed directly to its command line. > > > > > _______________________________________________ > Fail2ban-users mailing list > Fail2ban-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/fail2ban-users
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
