Fred Stluka via plug on 24 Mar 2021 13:38:18 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Re: [PLUG] Web Ass Pfirewall |
Keith,
Iptables is still pretty good for blocking / choking traffic. You can automatically block bad actors / abusive IPs by using the various limit modules. One of my favorite rules simply blocks SSH ingress based on packets per hour. You exceed the limit, you get blocked for a certain amount of time.
Can you do that with iptables alone? Or does it need something like fail2ban to change the iptables rules dynamically?
It works beautifully and is just one rule.
Care to post the rule? Thanks! --Fred ------------------------------------------------------------------------ Fred Stluka -- http://bristle.com -- Glad to be of service! Open Source: Without walls and fences, we need no Windows or Gates. ------------------------------------------------------------------------ ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug