If you are struggling with the limits of #fail2ban like I was, you should seriously consider using reaction as an alternative. I upstreamed my optimization developments with #ipset support and the new documentation is now live.
Someone wrote a wiki page to ban IPs using ipset.
If you ban IPs with iptables, consider switching to ipset, as it's much faster!
https://reaction.ppom.me/actions/ipset.html
Ok I just switched reaction's IP bans from plain iptables to ipset.
This made reaction startup 10 times faster on server 1.
2,600 IPs added in 3s instead of 30s.
ipset is far superior to plain iptables for big IP lists. I knew this but I'm still surprised now that I see this!
And the firewall stack must be much faster as well when treating incoming packets!
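The batch-loading approach behind that startup difference, as an added example that is not part of the posts above or of reaction's own code: a list of addresses becomes a single `ipset restore` batch and one iptables rule, instead of one iptables invocation per address. The set name `banned`, the helper names and the sample addresses are assumptions.

```shell
#!/bin/sh
# Added example: turn a list of IPv4 addresses into one `ipset restore` batch.
# Set name, function names and sample addresses are assumptions.

# Read one address per line on stdin, print an ipset restore script on stdout.
gen_ipset_restore() {
    set_name=$1
    printf 'create %s hash:ip family inet\n' "$set_name"
    # Keep only dotted quads whose octets are 1-3 digits and <= 255,
    # and emit each address once even if the input repeats it.
    awk -v name="$set_name" '
        /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
            n = split($0, o, ".")
            ok = 1
            for (i = 1; i <= n; i++)
                if (length(o[i]) > 3 || o[i] + 0 > 255) ok = 0
            if (ok && !seen[$0]++) printf "add %s %s\n", name, $0
        }'
}

# Constructed sample input (documentation ranges, one duplicate, two bad lines).
sample_ips() {
    cat <<'EOF'
192.0.2.10
198.51.100.7
192.0.2.10
203.0.113.999
not-an-ip
203.0.113.5
EOF
}

# Usage (as root): one kernel set and one rule, whatever the list size.
# -exist lets the batch be replayed without failing on existing entries.
#   sample_ips | gen_ipset_restore banned | ipset -exist restore
#   iptables -I INPUT -m set --match-set banned src -j DROP
```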
On Friday I made a change to prod on my home server. It is now only accessible from Aussie IP addresses. Previously only a couple of countries were blocked. I'm using a combination of #geoipset, #ipset & #iptables. If you are considering doing this yourself be aware of three things:
- don't forget to allow the local network access
- you will need to keep this updated as apparently addresses can change countries.
- expect a couple of things to break. Making the change on Friday gave me the weekend to discover what I borked. So far it appears only updates - for some odd reason that was using an off-shore source. This was easy enough to fix.
Transparent traffic tunneling with routing based on IP address geolocation
In this article I will try to explain how to create one more default gateway in a home network and configure selective routing on it based on a list of subnets. Using an IP address geolocation database as that list, you can redirect traffic depending on the destination country.
https://habr.com/ru/articles/854112/
#vpn #iptables #iproute2 #ipset #systemdnetworkd #routing
So, the things you might need to route through proxy/vpn to get Windows Insider builds to show up in Windows Updates:
A maybe:
ipset=/login.microsoftonline.com/geo_v4,geo_v6
A certain:
ipset=/insideruser.microsoft.com/flighting-prod-ase-eus.p.azurewebsites.net/settings-win.data.microsoft.com/wosc.services.microsoft.com/devicelistenerprod.microsoft.com/geo_v4,geo_v6
ipset=/update.microsoft.com/geo_v4,geo_v6
ipset=/delivery.mp.microsoft.com/dsp.mp.microsoft.com/geo_v4,geo_v6
Not needed:
#ipset=/download.windowsupdate.com/geo_v4,geo_v6
I got sick and tired of people hammering my web server trying to exploit vulnerabilities on things like #log4j or #wordpress that I don't even run. My list of blocked IPs on #fail2ban was getting out of control, so I took off and nuked the site from orbit (only way to be sure). I blocked ALL IP addresses from China using #iptables and #ipset.
What #firewall frontend do you use on your #linux distro?
Please boost, for more range 📶
#iptables #nftables #ipset #firewalld #shorewall #ufw #gnulinux #network #networksecurity #distro