
Forums before death by AOL, social media and spammers... "We can't have nice things"

   alt.bbs.mystic      Mystic Sysops are mystical nerds...      11,847 messages   


   Message 11,747 of 11,847   
   Christian Sacks to Scott Street   
   Re: Linux, MIS, and Automatic IP Blockin   
   02 Jul 24 16:59:18   
   
   From: nospam.Christian.Sacks@f5.n250.z2.fidonet.org   
      
   On 01 Jul 2024, Scott Street said the following...   
      
    SS> So the basic flow of this process.   
    SS> 1) MIS decides to block a given IP because it violates the connection   
    SS> attempt rules set in the individual server configuration table.   
    SS> 2) MIS executes the "IP Blocked" event, which adds the IP to the list   
    SS> 3) Every 5 mins, the cron job runs and adds all the queued IPs to the   
    SS> iptables input filter, and after the new list of IPs have been added,   
    SS> makes them persistent across restarts with netfilter-persistent.   
    SS>   
    SS> You can track the activity of this process using your system log -   
    SS> journalctl for me, I'm on Debian 12 (bookworm).   
    SS>   
    SS> I hope you find this useful,  especially those of you running some   
    SS> flavor of Linux.  Also: some filenames and directories have been changed   
    SS> from my actual to simplify this message.   
      
   I think on the whole this is a nice approach, however what happens when Mystic   
   accidentally blacklists your own IP, or itself? Then you have iptables   
   blocking you out and you won't be able to get back in =)   
      
   Can you modify that to only block on the ports you have for telnet/ssh to the   
   BBS (assuming SSH to the bbs is different to SSH to the cli)?   
      
   ... Redundant book title: DOS For Dummies   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   
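
An added example, not part of either poster's message and not Mystic's own code: a sketch of the cron step with the two points from the reply applied, an allowlist for addresses that must never be blocked and DROP rules limited to the BBS ports. The queue format (one IPv4 address per line), the port numbers and the allowlist entries are assumptions.

```shell
#!/bin/sh
# Added example. Assumptions: queue file holds one IPv4 address per line;
# the ports and allowlist entries below are placeholders, not values from the post.
BBS_PORTS="23,2222"                  # hypothetical BBS telnet and SSH ports
ALLOWLIST="127.0.0.1 192.0.2.10"     # hypothetical: loopback and the sysop's own address

# is_ipv4 ADDR: succeed only for a dotted quad with octets 0-255, no leading zeros.
is_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                        # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# is_allowlisted ADDR: succeed if ADDR must never be blocked.
is_allowlisted() {
    for allowed in $ALLOWLIST; do
        [ "$1" = "$allowed" ] && return 0
    done
    return 1
}

# build_rules QUEUE_FILE: print one iptables command per blockable address.
# Commands are printed, not executed, so they can be reviewed before use.
build_rules() {
    sort -u "$1" | while IFS= read -r ip; do
        if ! is_ipv4 "$ip"; then
            echo "skipped, not an IPv4 address" >&2
        elif is_allowlisted "$ip"; then
            echo "skipped, allowlisted: $ip" >&2
        else
            # Scoped to the BBS ports, so shell SSH on another port stays reachable.
            echo "iptables -I INPUT -s $ip -p tcp -m multiport --dports $BBS_PORTS -j DROP"
        fi
    done
}
```

Validating each queue entry before it is placed in a command line also keeps a malformed or hostile line in the queue file from reaching the shell.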



(c) 1994,  bbs@darkrealms.ca