consistent whitelist/blacklist managing

Question

consistent whitelist/blacklist managing

JMLX42 opened this issue 8 years ago · 1 comments

The CMS makes it easy to add/remove whitelisted/blacklisted IPs.
The blacklist/whitelist are managed through iptables.
Other apps, such as fail2ban, will also interact with iptables.

We must make sure that the CMS is always up to date with the iptables rules.
We must also make sure that /etc/fail2ban/jail.conf (especially ignoreip is always up to date with the CMS content).

Answer 1 · 2016-11-06T00:51:21.000Z

A possible solution for the blacklist would be to have a custom fail2ban action that would call a new /api/scripts/blacklist-ip.js script.

Reference: http://askubuntu.com/questions/435511/fail2ban-creating-a-custom-action-that-gives-parameters-to-script