home.social

#ipset — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #ipset, aggregated by home.social.

  1. Three layers of server protection: ipset, auto-block and CrowdSec

    Are your logs clogged with attempts to access .env, .git and wp-login.php? While a bot is knocking on Nginx, your server is already spending precious resources. I decided to move filtering into the Linux kernel and am sharing a working case of defense in depth based on ipset and CrowdSec.

    habr.com/ru/articles/1019778/

    #WAF #ipset #iptables #CrowdSec #Битрикс #защита_сервера #безопасность #Linux #bashскрипты #информационная_безопасность

  2. If you are struggling with the limits of #fail2ban like I was, you should seriously consider using reaction as an alternative. I upstreamed my optimization developments with #ipset support and the new documentation is now live.

    reaction.ppom.me/actions/ipset

    #security #sysadmin #webdev

  3. Someone wrote a wiki page to ban IPs using ipset.
    If you ban IPs with iptables, consider switching to ipset, as it's much faster!
    reaction.ppom.me/actions/ipset

    #reactionrust #ipset

  4. Ok I just switched reaction's ip bans from plain iptables to ipset.
    This made reaction startup 10 times faster on server 1.
    2,600 ips added in 3s instead of 30s.

    ipset is far superior to plain iptables for big IP lists. I knew this but I'm still surprised now that I see this!

    And the firewall stack must be much faster as well when treating incoming packets!

    #reactionrust #iptables #ipset #performance

  5. I have nothing against the vast majority of Chinese but the botnets are really crazy - 80% of my traffic is from China #asn #cidr #ipset #fail2ban

  6. On Friday I made a change to prod on my home server. It is now only accessible from Aussie IP addresses. Previously only a couple of countries were blocked. I'm using a combination of #geoipset, #ipset & #iiptables. If you are considering doing this yourself be aware of three things:
    - don't forget to allow the local network access
    - you will need to keep this updated as apparently addresses can change countries.
    - expect a couple of things to break. Making the change on Friday gave me the weekend to discover what I borked. So far it appears only updates - for some odd reason that was using an off-shore source. This was easy enough to fix.

    #selfhosting

  11. Transparent traffic tunneling with routing based on IP address geolocation

    In this article I will try to explain how to create another default gateway in a home network and configure selective routing on it based on a list of subnets. Using an IP address geolocation database as such a list, you can redirect traffic depending on the destination country.

    habr.com/ru/articles/854112/

    #vpn #iptables #iproute2 #ipset #systemdnetworkd #маршрутизация

  12. I got sick tired of people hammering my web server trying to exploit vulnerabilities on things like or that I don't even run. My list of blocked IPs on was getting out of control, so I took off and nuked the site from orbit (only way to be sure). I blocked ALL IP addresses from China using and