Marc Roos skrev den 2020-03-03 16:15:
Use ipset, hardly causing any latency using 50k entries.
i dont need to block 50k entries, but only whitelist few accepted client
ips, where i resolve asn and open this specifik asn to have access, if
there is abuse it will be removed so its again is blocked, i have tryed
blockin 50k entries it failed maserable, for me it does not matter of
ipsets or not was used
keeping it tieght helps alot
the log i showed was not from clients that already had access, so no
need to block it
if you know iptabels you dont need ipsets :=)
