firewalld with HUGE list of ip to drop

Jerry Geis jerry.geis at gmail.com
Wed Apr 10 22:08:41 UTC 2024


Seems once I have gotten past the "threshold" - which I don't know how
many that is - network performance DROPS considerably with many IPs in the
list to drop.

The file to drop has at least 57000+ lines of IP addresses that have
attempted some kind of access to my servers. Either unwanted SSH, HTTP,
HTTPS or SIP.

What is the correct way to DROP IPs with such a large number?
And I do segments like
243.155.27.0/24
kind of entries, so each address is not individual.

Anyway, if I stop firewalld the network performance jumps WAY back up to
over 800M, but as soon as I restart firewalld - wait a while - network
performance drops again to around 10M.

I also tried stopping firewalld and just using iptables - same thing happens.

I also found ip addr blacklist kind of a command - but that was not
suggested because it had issues also.

How do I solve this?

Jerry
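
Added example, not part of the original post: for a drop list of this size, a common approach is to load the entries into a single hash-based ipset and match it with one rule, rather than creating one rule per address. The sketch below merges a mixed address/CIDR list into the fewest IPv4 networks and renders input for `ipset restore`; the set name `blocklist`, the one-entry-per-line file format and the sample data are assumptions.

```python
import ipaddress

# Constructed sample in the format the post describes: one address or CIDR per line.
SAMPLE = """\
# constructed sample, documentation ranges only
192.0.2.10
192.0.2.11
192.0.2.0/24
198.51.100.0/25
198.51.100.128/25
203.0.113.7
not-an-ip
"""

def load_networks(lines):
    """Parse entries, skip blanks and comments; return (collapsed IPv4 nets, rejected)."""
    nets, rejected = [], []
    for raw in lines:
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            rejected.append(entry)      # keep for review instead of silently dropping
            continue
        if net.version == 4:
            nets.append(net)
        else:
            rejected.append(entry)      # this sketch builds an IPv4 (inet) set only
    # collapse_addresses removes duplicates, covered hosts and merges adjacent blocks
    return list(ipaddress.collapse_addresses(nets)), rejected

def to_ipset_restore(nets, name="blocklist"):
    """Render `ipset restore` input: one hash:net set holding every network."""
    maxelem = max(65536, len(nets))     # 65536 is ipset's default set capacity
    out = [f"create {name} hash:net family inet maxelem {maxelem} -exist"]
    out += [f"add {name} {net} -exist" for net in nets]
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    nets, bad = load_networks(SAMPLE.splitlines())
    print(to_ipset_restore(nets), end="")
    # A single rule then references the whole set, for example:
    #   iptables -I INPUT -m set --match-set blocklist src -j DROP
```

With firewalld, the same collapsed list can be loaded into a firewalld-managed ipset (`--new-ipset=... --type=hash:net`, `--add-entries-from-file=...`) and bound to the drop zone as a source (`--add-source=ipset:...`).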