Hi,
Now I have a server under my hand with csf with DENY_TEMP_IP_LIMIT=250.
250 entry is enough for about 4 minute denys, and there are rotated out.
But it's should deny IPs for 120/60/30/5 minutes...
Is there a way to support ipset for longer denies?
Regards
allow to use ipset for temporary blocks
Re: allow to use ipset for temporary blocks
+1
this would be really useful to have. From a quick review of ipset's config parameters I don't see why this can't be implemented in csf/lfd.
It isn't rare to see 100s or even 1000s of IPs being blocked per hour when a large attack occur.
this would be really useful to have. From a quick review of ipset's config parameters I don't see why this can't be implemented in csf/lfd.
It isn't rare to see 100s or even 1000s of IPs being blocked per hour when a large attack occur.
Re: allow to use ipset for temporary blocks
Exactly!
This feature is needed 100%.
At least for me.
According to csf code there are differences between dotempdeny and dodeny.
This feature is needed 100%.
At least for me.
According to csf code there are differences between dotempdeny and dodeny.