Control Web Panel

Security => iptables => Topic started by: drummondislebsd on March 13, 2015, 03:24:49 AM

Title: Execution time of large ip blacklist.txt
Post by: drummondislebsd on March 13, 2015, 03:24:49 AM
Any experience with implementing a ip blacklist.

I have gathered ip addresses of world by country.  The list of ip addesses <world X-US> is about 7mb of plain text.

Wondering about the server load and execution time to run the filter.

Any experience?
 
Title: Re: Execution time of large ip blacklist.txt
Post by: Administrator on March 13, 2015, 01:04:45 PM
don't run it!

CSF has integrated country blocker but this is only for eg 1-5 countries, using it for more than that could cause overloads.

Anyway, why do you need it ?
Title: Re: Execution time of large ip blacklist.txt
Post by: erm3nda on March 13, 2015, 07:10:08 PM
Has CSF geoIP capabilities? Nice...

I wanna block Nigeria and Russia :) Joj0j0joo
Title: Re: Execution time of large ip blacklist.txt
Post by: Administrator on March 17, 2015, 08:42:25 PM
why blocking whole countries since CSF/LFD will automatically block if they detect something
Title: Re: Execution time of large ip blacklist.txt
Post by: erm3nda on March 29, 2015, 05:04:42 AM
That was a Joke. Maybe a bad joke...

Blocking Nigeria because the known issue about trade with them (packet lost)
The joke is about that are TCP packets, not real shipped packets.

Blocking Russia because the hackers.
The joke is about put a firewall to block a real hacker.

The joke would be easy to understand with a "I wanna block Obama, from whatever Country it is trying to see my webpage"
Title: Re: Execution time of large ip blacklist.txt
Post by: iqbalthakur on April 19, 2015, 03:21:18 PM
Any experience with implementing a ip blacklist.

I have gathered ip addresses of world by country.  The list of ip addesses <world X-US> is about 7mb of plain text.

Wondering about the server load and execution time to run the filter.

Any experience?
other Than your list I upload latest list of Blocked List.. its not Heavy and perfect for . in your ip may be some of them are whitelist and may be some are not updated so try to  see my link and page and download to http://forum.centos-webpanel.com/csf-firewall/download-list-of-block-ip-for-your-csf-firewall-in-csf-deny/ (http://forum.centos-webpanel.com/csf-firewall/download-list-of-block-ip-for-your-csf-firewall-in-csf-deny/)