```shell
sudo firewall-cmd --permanent --ipset=banned --add-entry=116.0.0.0/8
```
I performed a --reload, and even rebooted the machine to make sure the permanent rules are used.
My direct.xml has:
```xml
<?xml version="1.0" encoding="utf-8"?>
<direct>
<rule ipv="ipv4" table="filter" chain="INPUT" priority="0">-m set --match-set "banned" src -j DROP</rule>
</direct>
```
```text
$ sudo firewall-cmd --permanent --ipset=banned --get-entries
5.182.9.9/16
42.0.0.0/8
186.82.0.0/16
85.0.0.0/8
178.0.0.0/8
68.107.168.0/21
85.209.0.0/16
101.162.0.0/16
95.111.0.0/16
105.0.0.0/8
100.32.0.0/13
100.40.0.0/15
190.0.0.0/8
200.0.0.0/8
185.244.0.0/16
115.0.0.0/8
167.0.0.0/8
193.0.0.0/8
129.0.0.0/8
194.0.0.0/8
83.0.0.0/8
134.0.0.0/8
87.0.0.0/8
37.0.0.0/8
107.172.0.0/14
202.0.0.0/8
82.0.0.0/8
27.0.0.0/8
116.0.0.0/8
```
How can I tell if it's actually working? If it is, the next challenge is to "hook" my (working) fail2ban into it so I don't have to manually add the addresses.
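One way to check what the kernel actually has, as an added example that is not from the post: read the runtime set (no `--permanent`, which only shows saved config) and test whether a sample address falls inside one of its entries. The entries below are a constructed subset of the listing above; `firewall-cmd --ipset=banned --get-entries` is a real command, and the function names are my own.

```python
import ipaddress
import shutil
import subprocess

# Constructed sample: a subset of the --permanent listing from the post.
SAMPLE_ENTRIES = """\
5.182.9.9/16
42.0.0.0/8
100.32.0.0/13
116.0.0.0/8
"""


def parse_entries(text):
    """Parse `--get-entries` output into networks; returns (networks, warnings).
    An entry with host bits set (5.182.9.9/16) is kept but normalized to its
    network address, since the kernel set only stores the network part."""
    nets, warnings = [], []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            nets.append(ipaddress.ip_network(line))
        except ValueError:
            net = ipaddress.ip_network(line, strict=False)
            warnings.append(f"{line} has host bits set; kernel stores {net}")
            nets.append(net)
    return nets, warnings


def matching_entries(ip, nets):
    """Entries that match a packet from `ip`; empty list means not covered."""
    addr = ipaddress.ip_address(ip)
    return [str(n) for n in nets if addr in n]


def runtime_entries(ipset="banned"):
    """Read the runtime set, i.e. what is loaded right now (needs root).
    Returns None when firewall-cmd is not installed on this host."""
    if shutil.which("firewall-cmd") is None:
        return None
    out = subprocess.run(["firewall-cmd", f"--ipset={ipset}", "--get-entries"],
                         capture_output=True, text=True, check=True).stdout
    return parse_entries(out)[0]
```

To confirm the direct rule itself is loaded, `sudo firewall-cmd --direct --get-all-rules` should list the INPUT rule, and `sudo ipset list banned` shows the kernel set directly.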