[Oisf-users] Moving NFQUEUE to a different place in iptable's chain
James Moe
jimoe at sohnen-moe.com
Wed Oct 3 23:06:59 UTC 2018
On 10/3/18 2:10 PM, James Moe wrote:
> The idea: By blocking recurring IP addresses this would reduce the
> load on suricata.
>
As it happens, this idea works very well.
I had restarted fail2ban. When I looked at the chain list in iptables,
the chain had changed putting the f2b chains first. The number of
2220008 rule instances has dropped dramatically.
Now I just need a way to assure f2b chains remain first in iptables.
--
James Moe
moe dot james at sohnen-moe dot com
520.743.3936
Think.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20181003/a14173a1/attachment.sig>
More information about the Oisf-users
mailing list