[Cialug] My Ubuntufoo is apparently lacking, ..
Mike Hughes
mike at visionary.com
Thu Jan 25 17:24:28 UTC 2024
That works. Keep in mind that it's only permanent until a reboot unless you're also saving the config. I will caution you that mixing UFW and IPTABLES might have unpredictable results.
________________________________
From: Cialug <cialug-bounces at cialug.org> on behalf of L. V. Lammert <lvl at omnitec.net>
Sent: Thursday, January 25, 2024 11:20 AM
To: Central Iowa Linux Users Group <cialug at cialug.org>
Subject: Re: [Cialug] My Ubuntufoo is apparently lacking, ..
On Thu, 25 Jan 2024, Mike Hughes wrote:
> I found that adding an IP to a block rule wasn't effective without
> resetting the firewall. Essentially the statefullness of the firewall
> allows existing connections to continue despite a new block rule being
> added. Does UFW have a reload command?
>
Ahh, .. that make sense, probably the root cause.
In any case, my sledgehammer solution was:
iptables -I INPUT -s 136.243.228.198 -j REJECT
Which added the rule at the top of the INPUT chain, which is actually a
better solution as this creates a permanent block of a known malicious
bot.
Thanks!
Lee
_______________________________________________
Cialug mailing list
Cialug at cialug.org
https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
More information about the Cialug
mailing list