Remove Blocked IP Without Reloading iptables

wolf
Junior Member
Posts: 51
Joined: 13 Jul 2007, 14:19

Post by wolf »

Hey guys,

I'm on dialup for a lot of my time and use rather large deny lists (1000+ IPs). When removing a banned IP, it takes a long time to upload the new deny list as well as display the full ruleset when flushing/restarting the firewall (+20 seconds at times).
Just thought it would be most convenient to be able to remove an IP from the iptables without having to flush everything.
Maybe an "unban" field in the csf web GUI?

:)
Infopro
Junior Member
Posts: 142
Joined: 15 Dec 2006, 00:22

Post by Infopro »

What about temp banning them instead, this feature is in there.

1000+ IPs? :p

Way too many, IMO.
wolf
Junior Member
Posts: 51
Joined: 13 Jul 2007, 14:19

Post by wolf »

Infopro wrote:
What about temp banning them instead, this feature is in there.

1000+ IPs? :p

Way too many, IMO.

I use the tempban option for other triggers.
Max num of blocked IPs is dynamically changed depending on several other monitoring systems (e.g. during a DRDoS attack).

We have endured attacks consisting of more than 2000 IPs before as well. This is why the list can become so big.

And yes, I have considered banning subnets, but I rarely find more than 3 IPs from the same subnet during such attacks.
wolf
Junior Member
Posts: 51
Joined: 13 Jul 2007, 14:19

Post by wolf »

kewl :) csf -dr [IP] has arrived in v3.26
thanks chirpy
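
Outside the thread: an added sketch (not csf's code and not from any poster) of the general idea behind the request, deleting only the rules for one address instead of flushing and reloading the whole deny list. It assumes rules in `iptables -S` format; the sample ruleset and the function names `sample_rules` and `unblock_cmds` are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in `iptables -S` format (documentation addresses, not real data).
sample_rules() {
cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -s 198.51.100.23/32 -j DROP
-A INPUT -s 203.0.113.7/32 -j DROP
-A INPUT -s 203.0.113.70/32 -j DROP
-A OUTPUT -d 203.0.113.7/32 -j DROP
-A INPUT -s 192.0.2.0/24 -j DROP
EOF
}

# Read `iptables -S` output on stdin and print one `iptables -D` command for
# every DROP rule whose source or destination is exactly the given address.
# Subnet rules and other hosts are left alone, so nothing else is reloaded.
unblock_cmds() {
    ip=$1
    # Reject empty input or any character other than digits and dots
    # before the value gets near a command line.
    case $ip in
        *[!0-9.]*|'') echo "invalid IPv4 address: $ip" >&2; return 2 ;;
    esac
    awk -v ip="$ip" '
        $1 == "-A" {
            hit = 0; drop = 0
            for (i = 2; i < NF; i++) {
                if (($i == "-s" || $i == "-d") &&
                    ($(i+1) == (ip "/32") || $(i+1) == ip)) hit = 1
                if ($i == "-j" && $(i+1) == "DROP") drop = 1
            }
            # Turning -A into -D deletes that exact rule and no other.
            if (hit && drop) { $1 = "-D"; print "iptables " $0 }
        }'
}

# Dry run against the sample:   sample_rules | unblock_cmds 203.0.113.7
# Against a live ruleset (root): iptables -S | unblock_cmds 203.0.113.7
```

Review the printed commands before running them; each one removes a single rule, so the cost no longer depends on the size of the deny list.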