stamparm / ipsum

Daily feed of bad IPs (with blacklist hit scores)
The Unlicense

Blacklist without using IPSet for Docker Containers #4

Open ghost opened 5 years ago

ghost commented 5 years ago

Is there a way to get the list of rules into iptables without using ipset?

One solution I've found, although it's partial and really just for ports 80 and 443, is to use the very fast dbm module on Apache 2.4. It's hard to block lots of IPs fast at the web server level, but that module allows me to create a map file from a txt file and then use that to perform lookups quickly.

I could create a pull request to add this install code snippet to the README if you don't mind?

stamparm commented 5 years ago

You mean something like https://stackoverflow.com/a/15580768? I could just put a reference link to that same answer inside the README.
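An added sketch of the text-to-dbm-map approach raised in this thread; it is not part of either comment and not the project's own code. It assumes the feed is one `<IPv4><TAB><hit count>` pair per line with `#` comment lines; the function names, the `deny` value, the threshold of 3 and the paths in the trailing comments are placeholders.

```shell
# ipsum_to_map [MIN_HITS] < feed > map.txt
# Reads an ipsum-style feed (assumed format: "<IPv4><TAB><hit count>", '#' comments)
# and writes "<ip> deny" lines, the key/value text form a RewriteMap source uses.
ipsum_to_map() {
    awk -v min="${1:-3}" '
        /^[ \t]*#/ || NF < 2 { next }          # skip comments and short lines
        $2 !~ /^[0-9]+$/     { next }          # hit count must be numeric
        $2 + 0 < min + 0     { next }          # below the chosen score threshold
        {
            # Accept only well-formed dotted quads so a corrupted or tampered
            # feed cannot put arbitrary keys into the map.
            n = split($1, o, ".")
            if (n != 4) next
            for (i = 1; i <= 4; i++)
                if (o[i] !~ /^[0-9]+$/ || length(o[i]) > 3 || o[i] + 0 > 255) next
            if (!seen[$1]++) print $1, "deny"  # drop duplicate addresses
        }
    '
}

# Constructed sample feed (documentation address ranges, not real feed data).
sample_feed() {
    printf '# constructed sample\n'
    printf '192.0.2.10\t5\n198.51.100.7\t1\n203.0.113.9\t3\n'
    printf '999.1.1.1\t9\n192.0.2.10\t5\nnot-an-ip\t4\n'
}

# Run with --demo to print the map built from the sample feed.
if [ "${1:-}" = "--demo" ]; then
    sample_feed | ipsum_to_map 3
fi

# Apache 2.4 side (placeholder paths; RewriteMap goes in server or vhost context):
#   httxt2dbm -i /path/to/ipsum.map.txt -o /path/to/ipsum.map
#   RewriteEngine On
#   RewriteMap  ipsum "dbm:/path/to/ipsum.map"
#   RewriteCond ${ipsum:%{REMOTE_ADDR}|ok} =deny
#   RewriteRule ^ - [F]
```

As the original comment notes, this only covers traffic that Apache itself serves; other ports in the container are unaffected.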