Self-maintained list of banned IP with ipset and iptables

Feb 1, 2012 · Linux Networking

I have decided to extend my iptables rules for SSH to support a self-maintained list of banned IP addresses, using ipset and iptables.

$>ipset create banned-ip hash:net hashsize 64 maxelem 1024 timeout 0
$>iptables -I INPUT 1 -m set --match-set banned-ip src -j DROP
$>iptables -I SSH 1 -m recent --name ssh --rcheck --seconds 180 --hitcount 10 -j SET --add-set banned-ip src --timeout 86400
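The same three commands as an idempotent script with a dry-run mode and a guard against banning your own address. This is an added example, not part of the original post; it assumes the SSH user chain already exists, and ADMIN_NET is a placeholder to replace with your own network.

```shell
#!/bin/sh
# Added example, not from the original post: an idempotent installer for
# the ban list above, with a dry-run mode to review the rules first and a
# guard so the admin network can never be added to the set.
# Assumptions: the SSH user chain already exists; ADMIN_NET is a placeholder.
set -eu

SET_NAME="${SET_NAME:-banned-ip}"
ADMIN_NET="${ADMIN_NET:-192.0.2.10/32}"   # placeholder, replace with your own
BAN_SECONDS="${BAN_SECONDS:-86400}"       # 24h per-entry timeout, as in the post
DRY_RUN="${DRY_RUN:-0}"                   # DRY_RUN=1 prints commands instead

# Execute a command, or print it when DRY_RUN=1.
run() {
    if [ "$DRY_RUN" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Insert a rule at position $2 of chain $1 unless an identical rule exists
# (iptables -C returns 0 when the rule is already present).
add_rule_once() {
    chain="$1"; pos="$2"; shift 2
    if [ "$DRY_RUN" = "1" ] || ! iptables -C "$chain" "$@" 2>/dev/null; then
        run iptables -I "$chain" "$pos" "$@"
    fi
}

install_ban_rules() {
    # "timeout 0": the set supports per-entry timeouts; entries added
    # without one never expire. -exist makes re-running harmless.
    run ipset create -exist "$SET_NAME" hash:net hashsize 64 maxelem 1024 timeout 0
    # Drop anything already banned before it reaches any other chain.
    add_rule_once INPUT 1 -m set --match-set "$SET_NAME" src -j DROP
    # 10 hits in 180s gets the source banned for BAN_SECONDS, except for
    # ADMIN_NET: "! -s" keeps the admin host out of the set entirely.
    add_rule_once SSH 1 -m recent --name ssh --rcheck --seconds 180 --hitcount 10 \
        ! -s "$ADMIN_NET" -j SET --add-set "$SET_NAME" src --timeout "$BAN_SECONDS"
}

# Remove one address or network from the set (no error if it is absent).
unban() {
    run ipset del -exist "$SET_NAME" "$1"
}

case "${1:-}" in
    install) install_ban_rules ;;
    unban)   unban "${2:?usage: $0 unban ADDRESS}" ;;
    *)       : ;;   # no argument: just define the functions
esac
```

Run `DRY_RUN=1 ./banlist.sh install` first to review the exact rules, then `./banlist.sh install` as root; `./banlist.sh unban 203.0.113.5` clears a mistaken entry.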

Enjoy and don’t ban yourself ;)