[Cialug] My Ubuntufoo is apparently lacking, ..
L. V. Lammert
lvl at omnitec.net
Thu Jan 25 17:20:14 UTC 2024
On Thu, 25 Jan 2024, Mike Hughes wrote:
> I found that adding an IP to a block rule wasn't effective without
> resetting the firewall. Essentially the statefulness of the firewall
> allows existing connections to continue despite a new block rule being
> added. Does UFW have a reload command?
>
Ahh, .. that makes sense, probably the root cause.
In any case, my sledgehammer solution was:
    iptables -I INPUT -s 136.243.228.198 -j REJECT
Which added the rule at the top of the INPUT chain, which is actually a
better solution as this creates a permanent block of a known malicious
bot.
Thanks!
Lee
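
Added example, not part of the original message: a check of the rule-ordering point in this thread, reading `iptables -S INPUT` style output and reporting whether a source block is evaluated before or after the first rule that can accept established connections. The listings, the function names and the address 203.0.113.7 are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Reads `iptables -S INPUT` style
# output on stdin and reports where the block for source $1 sits relative to
# the first rule that can accept already-established connections.
block_position() {
    awk -v ip="$1" '
    $1 != "-A" { next }                   # skip the "-P INPUT ..." policy line
    {
        n++; src = ""; tgt = ""; state = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "-s") src = $(i + 1)
            if ($i == "-j") tgt = $(i + 1)
            if ($i == "--ctstate" || $i == "--state") state = $(i + 1)
        }
        sub(/\/32$/, "", src)             # -S prints a host as a.b.c.d/32
        if (!blk && src == ip && (tgt == "REJECT" || tgt == "DROP")) blk = n
        # Assumption: a jump into a user-defined chain may contain an
        # ESTABLISHED accept, so it is treated like one (conservative).
        term = (tgt ~ /^(ACCEPT|DROP|REJECT|LOG|RETURN)$/)
        est = (tgt == "ACCEPT" && state ~ /ESTABLISHED/)
        if (!acc && (est || (tgt != "" && !term))) acc = n
    }
    END {
        if (!blk) print "missing"
        else if (!acc || blk < acc) print "before-established"
        else print "after-established"
    }'
}

# Constructed listings; 203.0.113.7 is a documentation address.
appended() { cat <<'EOF'
-P INPUT DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 203.0.113.7/32 -j REJECT --reject-with icmp-port-unreachable
EOF
}
inserted() { cat <<'EOF'
-P INPUT DROP
-A INPUT -s 203.0.113.7/32 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
EOF
}

echo "appended: $(appended | block_position 203.0.113.7)"
echo "inserted: $(inserted | block_position 203.0.113.7)"
```

On a live host the input would come from `iptables -S INPUT` run as root; only the ESTABLISHED accept and chain jumps are considered, not every possible earlier ACCEPT.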