On Fri, Jun 21, 2024 at 10:46:02AM +0000, L. Mark Stone via mailop wrote: > We use "route" as the banaction in our Fail2Ban.
If iptables or other filtering performance is a concern, I would definitely support the suggestion to use blackhole routes instead. Searching on obvious keywords dug out this tiny tutorial for Linux: https://lowendbox.com/blog/linux-blackhole-tutorial-adding-and-removing-a-null-route/ and for addresses to feed to those commands in suitable scriptery any subscriber here is of course welcome to the lists we generate here, described in eg https://www.nxdomain.no/~peter/badness_enumerated_by_robots.html or if G's trackers are not any concern and you want prettier formatting https://bsdly.blogspot.com/2018/08/badness-enumerated-by-robots.html All the best, Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds. _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
