On 18.04.21 07:55, li...@lazygranch.com wrote:
> I need to learn postscreen eventually for other spammers.

mostly bots, but thanks to dnsbl scoring, spammers too.

> The thing with fail2ban or the similar sshguard is I have a huge block
> list for the webserver. It has been my experience that these dynamic
> blockers that just add a few IPs every few minutes have a huge CPU load
> because the OS creates what I assume is a very efficient database of IP
> space to block.

if you use Linux, try using ipsets for that. They should provide the most
efficient solution for this kind of blocking.

the only more efficient solution is afaik nullrouting them with rp_filter,
but that disables all packets from such IPs.

I have configured fail2ban with ipset and found it very efficient and easy
to maintain with other firewalling systems.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Warning: I do NOT wish to receive any advertising mail at this address.
I wonder how much deeper the ocean would be without sponges.
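
The ipset approach suggested in the reply above, as an added example that is not part of the original message: a shell function that turns a static block list into an `ipset restore` script, loading it into a temporary set and swapping it in atomically. The set name `webblock`, the `maxelem` value, the list path and the list format (one IPv4 address or CIDR per line, `#` comments) are assumptions.

```shell
#!/bin/sh
# Added example, not from the original thread.
# Assumed names: set "webblock", list file /etc/blocklist.txt.
SET_NAME="webblock"
MAXELEM=262144   # assumed size; raise it if the list is larger

# gen_ipset_restore FILE
# Prints an `ipset restore` script on stdout. Entries go into a temporary
# set that is swapped with the live one, so the kernel does one atomic
# replacement instead of thousands of individual rule changes.
gen_ipset_restore() {
    list="$1"
    tmp="${SET_NAME}-new"
    echo "create ${SET_NAME} hash:net family inet maxelem ${MAXELEM}"
    echo "create ${tmp} hash:net family inet maxelem ${MAXELEM}"
    echo "flush ${tmp}"
    # Drop comments and whitespace, skip anything that is not a valid
    # IPv4 address or CIDR (hash:net does not accept /0), then dedupe.
    awk '
      { sub(/#.*/, ""); gsub(/[[:space:]]/, "") }
      $0 == "" { next }
      {
        n = split($0, p, "/")
        if (n > 2 || split(p[1], o, ".") != 4) next
        for (i = 1; i <= 4; i++)
          if (o[i] !~ /^[0-9]+$/ || o[i] > 255) next
        if (n == 2 && (p[2] !~ /^[0-9]+$/ || p[2] < 1 || p[2] > 32)) next
        print
      }' "$list" | sort -u | sed "s/^/add ${tmp} /"
    echo "swap ${tmp} ${SET_NAME}"
    echo "destroy ${tmp}"
}

# Apply as root; -exist lets the create lines succeed on a reload:
#   gen_ipset_restore /etc/blocklist.txt | ipset -exist restore
# A single firewall rule then covers the whole set:
#   iptables -I INPUT -m set --match-set webblock src -j DROP
```

Because the firewall holds one rule that references the set, reloading the list never touches the rule chain itself.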