Am 19.04.2020 um 14:58 schrieb Jeffrey Walton:
The offending host is 59.64.129.175. To err on the side of caution we
attempted to block the entire netblock. According to whois data,
that's 59.64.128.0-59.64.159.255.
iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROP
There was no comment so far that the order of the iptables rules
matters. With your command you append to the existing rules. If would be
without effect in case there is a rule in order before which permits the
traffic you try to block.
After reboot cpu usage is still high and access_log still shows
useless requests from the host:
59.64.129.175 - - [19/Apr/2020:08:53:53 -0400] "GET
/w/index.php?title=Special:WhatLinksHere&limit=50&
printable=yes HTTP/1.1" 301 311
I seem to be missing something. That's not surprising since I am not a
server administrator.
How do I filter the unwanted traffic from the netblock?
The iptables rules should be saved in /etc/sysconfig/iptables to be read
in at boot time (or when the iptables services gets restarted).
Alexander
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
