[arm-allstar] Selective IP Blocking

Hans-Peter Oeste oeste.hanspeter at gmail.com
Fri Feb 16 23:27:15 EST 2024


If you're looking for a reasonablely simple package, have a look at
'failtoban'.

VE7OES

On Fri, Feb 16, 2024, 6:52 p.m. Benjamin Naber via ARM-allstar <
arm-allstar at hamvoip.org> wrote:

> Steve the IP tables while daunting at first are actually the most effective
> and the most powerful way to protect your system at the network level.
>
> Scammers hackers and others nefarious actors are trying to get into systems
> will find how your firewall works and especially if their software systems
> in place and attempt to load it down.
>
> IP tables that set to drop all packets that are not on specific ports is
> the most effective. Not to mention it utilizes the least amount of
> resources.
>
> For some high profile systems we lock down IP access to certain networks,
> such as home, office and cellular.
>
> I wish geo IP blocking was a lot easier on iptables because a lot of
> scamming and hacking does come from China Indonesia Russia another
> nefarious countries where allstarlink doesn't exist.
>
>
> On Wed, Feb 14, 2024, 06:09 Steve Piotrowski via ARM-allstar <
> arm-allstar at hamvoip.org> wrote:
>
> > i'm following this as well, as we're having a similar issue with constant
> > bogus login attempts. I did try to enable the basic allstar firewall in
> the
> > allstar.env but the log then has this error:
> >
> > Feb 14 06:03:49 localhost systemd[1]: Started OpenSSH Daemon.
> > Feb 14 06:03:50 localhost rc.local[311]: /usr/local/etc/rc.allstar:
> > line 62: /etc/openvpn/firewall: No such file or directory
> >
> > which to me means something didn't work?
> >
> > iptables looks like an option, saw some guidance in the hamvoip wiki
> > after searching but some of it seems dated.
> > _______________________________________________
> >
> > ARM-allstar mailing list
> > ARM-allstar at hamvoip.org
> > http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> >
> > Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
> >
> _______________________________________________
>
> ARM-allstar mailing list
> ARM-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>
> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>


More information about the ARM-allstar mailing list