Thought it might also be helpful to confirm that firewalld is not
interfering in any way.
what is the output of ~$# systemctl status firewalld
On Sun, Apr 19, 2020 at 9:30 AM Jeffrey Walton <noloader@xxxxxxxxx> wrote:
>
> On Sun, Apr 19, 2020 at 9:26 AM Anand Buddhdev <anandb@xxxxxxxx> wrote:
> >
> > On 19/04/2020 14:58, Jeffrey Walton wrote:
> >
> > Hi Jeffrey,
> >
> > > The offending host is 59.64.129.175. To err on the side of caution we
> > > attempted to block the entire netblock. According to whois data,
> > > that's 59.64.128.0-59.64.159.255.
> > >
> > > iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROP
> > >
> > > After reboot cpu usage is still high and access_log still shows
> > > useless requests from the host:
> >
> > Did you actually arrange for your iptables rule to be reinstated at boot?
> >
> > If you just configure a rule as above, but don't save it, it will
> > disappear ar reboot.
>
> Ugh, thanks. I did not realize the changes were only temporary.
>
> What is the recommended way to permanently add a ban rule?
>
> Thanks again.
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
