Re: No ipf in RPI2 evbarm 7.0.2 kernel?

To: Emilian Bold <emilian.bold%gmail.com@localhost>
Subject: Re: No ipf in RPI2 evbarm 7.0.2 kernel?
From: Robert Swindells <rjs%fdy2.co.uk@localhost>
Date: Fri, 06 Jul 2018 11:00:58 +0100

Emilian Bold <emilian.bold%gmail.com@localhost> wrote:
>Wow! So... I just want to block an IP based on the nginx log.

Ok.

You already have the IP addresses in a file so don't need to have
extra application support to detect and respond to new ones.

Maybe run a script at regular intervals to extract the addresses
and do something with them.

>Honestly I would love to have just an /etc/blockips.conf file which
>has IPs or CIDR addresses and maps to whatever underlying firewall
>there is on the system. I just want something simple, not do the
>routing for a small intranet, don't give me all these grammars to
>learn. (Not criticising the support I got so far, which is awesome,
>just the tooling status quo).

The npf examples in /usr/share/examples/npf show how to set up a
table of addresses to block.

This table can be initialized from a list of addresses in a file
and/or you can add addresses individually using 'npfctl table ...'.

Follow-Ups:
- Re: No ipf in RPI2 evbarm 7.0.2 kernel?
  - From: Emilian Bold

References:
- Re: No ipf in RPI2 evbarm 7.0.2 kernel?
  - From: Emilian Bold

Prev by Date: Re: No ipf in RPI2 evbarm 7.0.2 kernel?
Next by Date: Re: No ipf in RPI2 evbarm 7.0.2 kernel?
Previous by Thread: Re: No ipf in RPI2 evbarm 7.0.2 kernel?
Next by Thread: Re: No ipf in RPI2 evbarm 7.0.2 kernel?
Indexes:

Home | Main Index | Thread Index | Old Index