On Sun, Apr 19, 2020 at 9:26 AM Anand Buddhdev <anandb@xxxxxxxx> wrote: > > On 19/04/2020 14:58, Jeffrey Walton wrote: > > Hi Jeffrey, > > > The offending host is 59.64.129.175. To err on the side of caution we > > attempted to block the entire netblock. According to whois data, > > that's 59.64.128.0-59.64.159.255. > > > > iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROP > > > > After reboot cpu usage is still high and access_log still shows > > useless requests from the host: > > Did you actually arrange for your iptables rule to be reinstated at boot? > > If you just configure a rule as above, but don't save it, it will > disappear ar reboot. Ugh, thanks. I did not realize the changes were only temporary. What is the recommended way to permanently add a ban rule? Thanks again. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos