How to add IP to ipset blacklist after blocking in iptables?

J

junior_css2021-09-17 09:21:48

iptables

junior_css, 2021-09-17 09:21:48

Hello.
Please tell me, here is the rule

iptables -A INPUT -p tcp -m multiport --dports $port -m length --length 3000:65535 -m recent --name get_packets --set
iptables -A INPUT -p tcp -m multiport --dports $port -m length --length 3000:65535 -m recent --name get_packets --update --seconds 15 --hitcount 100 -j REJECT

Iptables blocks packets, but how can I make it also send to ipset list so that later, when the rules are reset, he remembers those who have already fallen under sanctions?
I created the ipset list, how to fill it now, and how to block everything that is there

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

H

hint000, 2021-09-17
@hint000

but how to make it also send to the ipset list

By means of iptables in any way, probably. But you can write a script that will periodically parse the file /proc/net/xt_recent/get_packetsand put the result in ipset .
https://qna.habr.com/q/733485