So the basic flow of this process.
1) MIS decides to block a given IP because it violates the connection attempt rules set in the individual server configuration table.
2) MIS executes the "IP Blocked" event, which adds the IP to the list
3) Every 5 mins, the cron job runs and adds all the queued IPs to the iptables input filter, and after the new list of IPs has been added, makes them persistent across restarts with netfilter-persistent.
You can track the activity of this process using your system log - journalctl for me, I'm on Debian 12 (bookworm).
I hope you find this useful, especially those of you running some flavor of Linux. Also: some filenames and directories have been changed from my actual ones to simplify this message.
I think on the whole this is a nice approach; however, what happens when Mystic accidentally blacklists your own IP, or itself? Then you have iptables blocking you out and you won't be able to get back in =)
fail..., ask me how I know?!? :) )
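
The cron step from the post combined with a guard for the self-block case raised in the reply, as an added example that is not the poster's actual script: queued addresses are validated and checked against an allowlist before any rule is added. The queue and allowlist paths, the `DRY_RUN` switch and the `run` argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not the poster's script). QUEUE and ALLOW are hypothetical paths.
QUEUE="${QUEUE:-/var/lib/mis/ipblock.queue}"   # one IPv4 address per line
ALLOW="${ALLOW:-/etc/mis/never-block.list}"    # your own/admin addresses
DRY_RUN="${DRY_RUN:-1}"                        # 1 = print commands, change nothing

# Succeed only for a dotted quad whose four octets are each 0..255.
valid_ipv4() {
  case "$1" in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
  v4_ifs=$IFS; IFS=.
  set -- $1
  IFS=$v4_ifs
  [ "$#" -eq 4 ] || return 1
  for v4_octet in "$@"; do
    [ "${#v4_octet}" -le 3 ] && [ "$v4_octet" -le 255 ] || return 1
  done
}

# Print queued IPs that are safe to block: valid, de-duplicated, not loopback,
# and not in the allowlist. Everything skipped is reported on stderr.
blockable_ips() {
  tr -d ' \t\r' < "$1" | LC_ALL=C sort -u | while IFS= read -r ip; do
    [ -n "$ip" ] || continue
    if ! valid_ipv4 "$ip"; then echo "skip invalid: $ip" >&2; continue; fi
    case "$ip" in 127.*) echo "skip loopback: $ip" >&2; continue ;; esac
    if [ -f "$2" ] && grep -Fxq -- "$ip" "$2"; then
      echo "skip allowlisted: $ip" >&2; continue
    fi
    printf '%s\n' "$ip"
  done
}

# Add one DROP rule per IP, persist once if anything changed, then empty the queue.
apply_blocks() {
  run=""; [ "$DRY_RUN" = 1 ] && run="echo"
  added=0
  for ip in $(blockable_ips "$QUEUE" "$ALLOW"); do
    # -C tests for an existing rule so repeated cron runs do not stack duplicates.
    if [ -z "$run" ] && iptables -C INPUT -s "$ip" -j DROP 2>/dev/null; then continue; fi
    $run iptables -I INPUT -s "$ip" -j DROP && added=$((added + 1))
  done
  if [ "$added" -gt 0 ]; then $run netfilter-persistent save; fi
  if [ -z "$run" ]; then : > "$QUEUE"; fi
}

# Cron entry point, e.g. "DRY_RUN=0 ipblock.sh run"; sourcing the file runs nothing.
if [ "${1:-}" = "run" ]; then apply_blocks; fi
```

With the default `DRY_RUN=1` the script only prints the `iptables` and `netfilter-persistent` commands it would run, which makes it easy to review a queue before letting cron apply it.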