Welcome! Log In Create A New Profile

Advanced

RE: Blocking tens of thousands of IP's

Cox, Eric S
November 01, 2016 05:50PM
Random, blocks, certain durations, etc. Its very random and or short lived which is something we don't want to move to the firewall at the moment

-----Original Message-----
From: Jeff Dyke [jeff.dyke@gmail.com]
Received: Tuesday, 01 Nov 2016, 5:46PM
To: nginx@nginx.org [nginx@nginx.org]
Subject: Re: Blocking tens of thousands of IP's

what is your firewall?, that is the place to block subnets etc, i assume they are not random ips, they are likely from a block owned by someone??

On Tue, Nov 1, 2016 at 5:37 PM, CJ Ess <zxcvbn4038@gmail.com<mailto:zxcvbn4038@gmail.com>> wrote:
I don't think managing large lists of IPs is nginx's strength - as far as I can tell all of its ACLs are arrays that have the be iterated through on each request.

When I do have to manage IP lists in Nginx I try to compress the lists into the most compact CIDR representation so there is less to search. Here is a perl snippet I use to do that (handles ipv4 and ipv6):

#!/usr/bin/perl

use NetAddr::IP;

my @addresses;

foreach my $subnet (split(/\s+/, $list_of_ips)) {
push(@addresses, NetAddr::IP->new($subnet));
}

foreach my $cidr (NetAddr::IP::compact(@addresses)) {
if ($cidr->version == 4) {
print $cidr . "\n";
} else {
print $cidr->short() . "/" . $cidr->masklen() . "\n";
}


On Tue, Nov 1, 2016 at 11:15 AM, Cox, Eric S <eric.cox@kroger.com<mailto:eric.cox@kroger.com>> wrote:
Is anyone aware of a difference performance wise between using

return 403;

vs

deny all;

When mapping against a list of tens of thousands of ip?

Thanks

________________________________

This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain information that is confidential and protected by law from unauthorized disclosure. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.

_______________________________________________
nginx mailing list
nginx@nginx.org<mailto:nginx@nginx.org>
http://mailman.nginx.org/mailman/listinfo/nginxhttps://urldefense.proofpoint.com/v2/url?u=http-3A__mailman.nginx.org_mailman_listinfo_nginx&d=CwMFaQ&c=WUZzGzAb7_N4DvMsVhUlFrsw4WYzLoMP5bgx2U7ydPE&r=20GRp3QiDlDBgTH4mxQcOIMPCXcNvWGMx5Y0qmfF8VE&m=cjLNEY1x_976qWvGzhCEhvWYUU4DOBVUcO97nnDYX7o&s=GwNGeoaXa46JaCsfrdl3VQZpyNHqSzWwlLq3a0UNV2I&e=


_______________________________________________
nginx mailing list
nginx@nginx.org<mailto:nginx@nginx.org>
http://mailman.nginx.org/mailman/listinfo/nginxhttps://urldefense.proofpoint.com/v2/url?u=http-3A__mailman.nginx.org_mailman_listinfo_nginx&d=CwMFaQ&c=WUZzGzAb7_N4DvMsVhUlFrsw4WYzLoMP5bgx2U7ydPE&r=20GRp3QiDlDBgTH4mxQcOIMPCXcNvWGMx5Y0qmfF8VE&m=cjLNEY1x_976qWvGzhCEhvWYUU4DOBVUcO97nnDYX7o&s=GwNGeoaXa46JaCsfrdl3VQZpyNHqSzWwlLq3a0UNV2I&e=


________________________________

This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain information that is confidential and protected by law from unauthorized disclosure. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Blocking tens of thousands of IP's

Cox, Eric S November 01, 2016 11:18AM

Re: Blocking tens of thousands of IP's

CJ Ess November 01, 2016 05:40PM

Re: Blocking tens of thousands of IP's

jeffdyke November 01, 2016 05:48PM

RE: Blocking tens of thousands of IP's

Cox, Eric S November 01, 2016 05:50PM

Re: Blocking tens of thousands of IP's

Lucas Rolff November 01, 2016 05:54PM

Re: Blocking tens of thousands of IP's

mex November 04, 2016 05:37AM

Re: Blocking tens of thousands of IP's

Rainer Duffner November 01, 2016 05:52PM

RE: Blocking tens of thousands of IP's

Cox, Eric S November 01, 2016 06:36PM

Re: Blocking tens of thousands of IP's

Rainer Duffner November 01, 2016 06:42PM

RE: Blocking tens of thousands of IP's

Cox, Eric S November 01, 2016 06:44PM

Re: Blocking tens of thousands of IP's

Rainer Duffner November 01, 2016 06:56PM

RE: Blocking tens of thousands of IP's

Cox, Eric S November 01, 2016 06:58PM

Re: Blocking tens of thousands of IP's

gariac November 01, 2016 07:00PM

Re: Blocking tens of thousands of IP's

Tom Thorogood November 01, 2016 07:06PM

Re: Blocking tens of thousands of IP's

gariac November 01, 2016 06:48PM

Re: RE: Blocking tens of thousands of IP's

mex November 04, 2016 05:43AM

Re: Blocking tens of thousands of IP's

Jonathan Vanasco November 08, 2016 01:30PM

Re: Blocking tens of thousands of IP's

mayak November 08, 2016 06:00PM

Re: Blocking tens of thousands of IP's

mex November 15, 2016 01:09AM

Re: Blocking tens of thousands of IP's

gariac November 08, 2016 06:16PM

Re: Blocking tens of thousands of IP's

CJ Ess November 18, 2016 02:46PM

Re: Blocking tens of thousands of IP's

Maxim Dounin November 02, 2016 08:58AM

Re: Blocking tens of thousands of IP's

gariac November 01, 2016 06:28PM

Re: Blocking tens of thousands of IP's

Francis Daly November 03, 2016 03:02PM

Re: Blocking tens of thousands of IP's

noci November 23, 2016 09:33AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 58
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready