allow to use ipset for temporary blocks

Post Reply
csurgi
Junior Member
Posts: 6
Joined: 16 Jul 2014, 13:52

allow to use ipset for temporary blocks

Post by csurgi »

Hi,

Now I have a server under my hand with csf with DENY_TEMP_IP_LIMIT=250.
250 entry is enough for about 4 minute denys, and there are rotated out.
But it's should deny IPs for 120/60/30/5 minutes...
Is there a way to support ipset for longer denies?

Regards
cron0
Junior Member
Posts: 4
Joined: 10 Oct 2011, 19:30

Re: allow to use ipset for temporary blocks

Post by cron0 »

+1

this would be really useful to have. From a quick review of ipset's config parameters I don't see why this can't be implemented in csf/lfd.

It isn't rare to see 100s or even 1000s of IPs being blocked per hour when a large attack occur.
st41ker
Junior Member
Posts: 1
Joined: 23 Jun 2018, 07:33

Re: allow to use ipset for temporary blocks

Post by st41ker »

Exactly!

This feature is needed 100%.
At least for me.
According to csf code there are differences between dotempdeny and dodeny.
Post Reply