[arm-allstar] Selective IP Blocking

[Benjamin Naber]

Steve the IP tables while daunting at first are actually the most effective
and the most powerful way to protect your system at the network level.

Scammers hackers and others nefarious actors are trying to get into systems
will find how your firewall works and especially if their software systems
in place and attempt to load it down.

IP tables that set to drop all packets that are not on specific ports is
the most effective. Not to mention it utilizes the least amount of
resources.

For some high profile systems we lock down IP access to certain networks,
such as home, office and cellular.

I wish geo IP blocking was a lot easier on iptables because a lot of
scamming and hacking does come from China Indonesia Russia another
nefarious countries where allstarlink doesn't exist.


On Wed, Feb 14, 2024, 06:09 Steve Piotrowski via ARM-allstar <
arm-allstar at hamvoip.org> wrote:

> i'm following this as well, as we're having a similar issue with constant
> bogus login attempts. I did try to enable the basic allstar firewall in the
> allstar.env but the log then has this error:
>
> Feb 14 06:03:49 localhost systemd[1]: Started OpenSSH Daemon.
> Feb 14 06:03:50 localhost rc.local[311]: /usr/local/etc/rc.allstar:
> line 62: /etc/openvpn/firewall: No such file or directory
>
> which to me means something didn't work?
>
> iptables looks like an option, saw some guidance in the hamvoip wiki
> after searching but some of it seems dated.
> _______________________________________________
>
> ARM-allstar mailing list
> ARM-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>
> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>