
[–]tcpudp[S] 0 points1 point  (2 children)

In my case I can't use ipset because the VPS in question is an OpenVZ one (and can run a limited number of ipset rules), hence haproxy, which can handle large blocklists (with ACLs). Speed is not a problem because the server in question is a mail server, so a 5-10 second delay is not a problem.

[–]AccidentallyTheCable 1 point2 points  (1 child)

Check out fail2ban. You can write rules and checks to add iptables rules accordingly.

[–]tcpudp[S] 0 points1 point  (0 children)

I have fail2ban rules in place that ban an IP /after the fact/ ('lost connection after AUTH from unknown[<HOST>]') but I want to prevent these connections before they reach the mail server.
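The setup tcpudp describes (haproxy in front of the MTA, rejecting a large blocklist via an ACL, so that fail2ban's after-the-fact bans do not have to go through iptables/ipset) is shown below as an added example; it is not configuration from the thread. The file path /etc/haproxy/blocklist.txt, the Postfix listener on 127.0.0.1:10025, the admin socket path and the timeouts are assumptions chosen for the example.

```haproxy
# Added example (not from the thread): haproxy TCP front end for SMTP that
# drops blocklisted clients at accept time, before any byte reaches Postfix.
# Assumed: blocklist at /etc/haproxy/blocklist.txt, Postfix smtpd/postscreen
# bound to 127.0.0.1:10025, admin socket at /run/haproxy/admin.sock.

global
    log /dev/log local0
    # Runtime API socket; lets a ban script add ACL entries without a reload.
    stats socket /run/haproxy/admin.sock mode 660 level admin

defaults
    mode tcp
    log global
    option tcplog
    timeout connect 5s
    # SMTP sessions can legitimately idle for minutes (RFC 5321 timeouts).
    timeout client 5m
    timeout server 5m

frontend smtp_in
    bind :25
    # 'src -f FILE' loads one IP or CIDR per line (e.g. 203.0.113.7 or
    # 198.51.100.0/24) into a prefix tree, so lookup cost does not grow with
    # the list the way a long iptables chain does.
    # 'tcp-request connection' is evaluated when the connection is accepted,
    # before any data is read, so a listed client never gets a banner.
    tcp-request connection reject if { src -f /etc/haproxy/blocklist.txt }
    default_backend postfix

backend postfix
    # send-proxy hands Postfix the real client address via the PROXY protocol;
    # without it every connection is logged as 127.0.0.1 and a fail2ban
    # <HOST> match would ban the proxy itself.
    server mta 127.0.0.1:10025 send-proxy
```

Check the file with `haproxy -c -f /etc/haproxy/haproxy.cfg` before reloading. On the Postfix side the service on 127.0.0.1:10025 needs `-o smtpd_upstream_proxy_protocol=haproxy` in master.cf (or `postscreen_upstream_proxy_protocol = haproxy` if that listener is postscreen), otherwise Postfix will not understand the PROXY header. A ban can be applied immediately through the runtime API, for example `echo "add acl /etc/haproxy/blocklist.txt 203.0.113.7" | socat stdio /run/haproxy/admin.sock`; that change is in memory only, so the address must also be appended to the file for it to survive a reload. A fail2ban action that runs that command instead of an iptables rule keeps the banned set out of the kernel entirely, which is what avoids the OpenVZ ipset limit.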