Blocking an IP
The following iptable rule blocks an IP:
Quote:
Quote:
Can this be done? PS: My knowledge in this field is weak. |
I frankly suggest that you look carefully at Shorewall, which is a very comprehensive open-source tool for building IPTables rules.
|
|
Quote:
I'm not totally clear what advantage you hope to gain: you are already dropping the packets that you want to drop, so no advantage there. It could be more efficient (or not), but to know that we'll have to look at the details. Quote:
The general principle is that fail2ban is a filter, written in python, that looks through log files, and based on the entries in the log files and the conditions that you set, can make new 'block' entries. Now, I'm guessing a bit here, but my guess is that you'd have to have a pretty odd set of conditions for the fail2ban route to use fewer cpu cycles than your existing iptables rule. So....what do you hope to gain? (PS: the reply from Lithos came in while I was scribbling.) |
Quote:
I will be looking into fail2ban, thanks a bunch to all of you for pointing me in the right direction. |
Quote:
Quote:
What gaming experiences, logging, anomalies, evidence or whatever else made you think it's DoS attacks? Did you ever look for specific game anti-DoS measures? Did you even try traffic analysis based on packet captures (tcpdump / tshark, Wireshark, Snort)? |
All times are GMT -5. The time now is 01:11 PM. |