With CentOS 5 and 6, I used a bash script with iptables rules listed. Within that script, I called another script that I called 'blacklistIPs', which was just another list of iptables rules. It made adding IPs to a blacklist easy.
With CentOS 7 and firewalld, I have been entering individual rich rules for each IP address that I want to block. When there are many, this gets a little cumbersome to list all the rules to show the addresses that are being blocked.
I did come across a Python script that addressed this issue, but it seemed to be using a list of IPs from a URL and I couldn't quite figure out how to make it work for my purposes.
Has anyone come up with a solution for making this easier?
Using firewalld to block multiple (many) IP addresses
Re: Using firewalld to block multiple (many) IP addresses
ipset
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: Using firewalld to block multiple (many) IP addresses
Thank you. I came across 'ipset' soon after I posted. It is easy to work with.
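
Added example, not written by any poster in this thread: one way to keep the old one-file blacklist workflow with firewalld's ipset support, by validating a plain-text list and printing the `firewall-cmd` calls that load it into a single set bound to the `drop` zone. The set name `blacklist`, the file name `blacklist.txt`, the file format (one IPv4 address or CIDR per line, `#` comments) and the function names are assumptions.

```shell
#!/bin/sh
# Added example. Assumed file format: one IPv4 address or CIDR per line, '#' comments.
SET_NAME=${SET_NAME:-blacklist}   # hypothetical set name

# Succeed only for a dotted-quad IPv4 address with an optional /1../32 prefix.
# (ipset's hash:net type cannot store a /0 network.)
is_ipv4_or_cidr() {
    addr=${1%%/*}
    case $1 in
        */*) prefix=${1#*/}
             case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
             [ "$prefix" -ge 1 ] && [ "$prefix" -le 32 ] || return 1 ;;
    esac
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the valid entries of file $1, de-duplicated; report rejects on stderr.
clean_blacklist() {
    while IFS= read -r line || [ -n "$line" ]; do
        entry=$(printf '%s' "${line%%#*}" | tr -d '[:space:]')
        [ -n "$entry" ] || continue
        if is_ipv4_or_cidr "$entry"; then
            printf '%s\n' "$entry"
        else
            printf 'skipping invalid entry: %s\n' "$entry" >&2
        fi
    done < "$1" | sort -u
}

# Print the firewall-cmd calls that create the set, load file $1 into it,
# and drop all traffic whose source address is a member.
blacklist_commands() {
    printf 'firewall-cmd --permanent --new-ipset=%s --type=hash:net\n' "$SET_NAME"
    printf 'firewall-cmd --permanent --ipset=%s --add-entries-from-file=%s\n' "$SET_NAME" "$1"
    printf 'firewall-cmd --permanent --zone=drop --add-source=ipset:%s\n' "$SET_NAME"
    printf 'firewall-cmd --reload\n'
}

# Usage: sh blacklist.sh blacklist.txt   (prints commands, changes nothing)
if [ "$#" -ge 1 ]; then
    clean_blacklist "$1" > "$1.clean" && blacklist_commands "$1.clean"
fi
```

Review the printed commands, then pipe them to `sh` as root to apply them. On later runs the set already exists, so drop the `--new-ipset` line.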