On Fri, Jul 15, 2011 at 12:47 PM, CDR <[email protected]> wrote:
> I need to keep out all connections from 5 countries, which originate
> most of the Denial of Service attacks. The entries are
> around 9000 if used as xx.xx.0.0/16. I heard that there is a smarter
> way to do this by using User Tables in iptables, that will keep the
> speed equal to LOG(x). I already tried using a straight list and it
> kills the box. Unless a smarter way is found, there is no way to use
> iptables.
>
> Federico

DROP[1] will remove the vast majority of bad networks.  Fail2ban[2] for
the rest or recent[3] with triggers at port 139 will get the rest.

[1] http://www.spamhaus.org/drop/
[2] http://www.fail2ban.org/wiki/index.php/Main_Page
[3] http://snowman.net/projects/ipt_recent/

-- 
~~~ Andrew "lathama" Latham [email protected] ~~~
