I have a little Ansible play that gathers data from the 3 machines I
administer & another python scripts that puts them in the drop.xml file
for firewalld to ingest. Then I use one more ansible play to push it
back to all 3 machines. I drastically reduced the look back time so I
switched back to the sqlite backend. So I also gather the db files and
combine all bans listed into the drop.xml file. The only down side is
with something like 11,800 ISP in the drop zone it takes about 30 or 40
seconds for the firewall to come back up after a reload.

On Wed, 2020-04-01 at 18:01 -0700, Kenneth Porter wrote:
> On 4/1/2020 5:44 PM, Harrison Johnson wrote:
> > This keeps me slightly ahead of the asshats.
> > 
> > https://www.ip2location.com/free/visitor-blocker
> 
> That's quite cool. With a little work the CIDR format could be
> converted 
> to an ipsets file for firewalld or fed directly to its command line.
> 
> 
> 
> 
> _______________________________________________
> Fail2ban-users mailing list
> Fail2ban-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Reply via email to