RE: realtime protection against cloud scans

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> > using the NTP firewall
> 
> Sorry, using the NFT firewall.
> 

I still need to get familiar with nft. Currently I am using ipset, adding ip's with scripts. But ipset is preconfigured for specific netmask /24 /X. So at some point your /24 is getting full with 65k entries. It would be nice if then automitcally /24 are merged/moved to ipsets bigger than /24. 

I am looking for something that can do this automatically. 

Currently I am thinking of creating multiple ipsets for /16 /18 /22 etc and I don't know if I should just put corresponding ranges in there form digitalocean, amazon, googleusercloud and azure. Or indeed go ips from abuse lists, but then risking that lots are not there and you are still adding slowly these clouds like digitalocean. 

Afaik was ipset very good with latency. I have no idea how this is replaced.





---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux