Re: fail2ban for apache2
On Tuesday 12 November 2019 13:30:24 ghe wrote:
> Gene wrote
>
> > So I had been adding iptables rules but had to reboot this
> > morning to get a baseline cups start, only to find my iptables rules
> > were all gone and the bots are DDOSing me again. Grrrrrrr
>
> 0) Can you block them with an ACL in your router/firewall? And wr mem
> so the ACL will be there when it boots. (pardon the Cisco-ese)
>
> 1) There's a way (that I haven't needed to use yet) to put all your
> iptables rules in a file to be used at every reboot. And I suspect
> systemd knows how, or can be asked, to run that file on boot.
>
> You may have to ask iptables to write that file every time you add
> IPs.
My thinking runs along those lines too, but the man page is swahili in
explaining how to do that.
Thanks ghe
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis
Genes Web page <http://geneslinuxbox.net:6309/gene>
Reply to: