Welcome! Log In Create A New Profile

Re: Blocking tens of thousands of IP's

Forum List Message List New Topic Print View

gariac

November 08, 2016 06:16PM

Registered: 9 years ago
Posts: 178

Is that 2.2 million CIDRs, or actual addresses?

I use IPFW with tables for about 20k CIDRs. I don't see any significant server load. It seems to me nginx has a big enough task that it makes sense to offload the blocking to something that is more tightly integrated to the OS.

At a bare minimum, block OVH and Hetzner. People bash the Russians and old Soviet block countries for hacking, but OVH and Hetzner are far worse.

Original Message
From: mayak
Sent: Tuesday, November 8, 2016 2:58 PM
To: nginx@nginx.org
Reply To: nginx@nginx.org
Subject: Re: Blocking tens of thousands of IP's

On 11/08/2016 07:28 PM, Jonathan Vanasco wrote:
> On Nov 4, 2016, at 5:43 AM, mex wrote:
>
>> we do a similar thing but keep a counter within nginx (lua_shared_dict FTW)
>> and export this stuff via /badass - location.
>>
>> although its not realtime we have a delay of 5 sec which is enough for us
<snip>
We are blocking 2.2 million addresses, however, we do it at the firewall/router (pfsense pfBlocker).

Ultra fast.

HTH

Mayak

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
Blocking tens of thousands of IP's	Cox, Eric S	November 01, 2016 11:18AM
Re: Blocking tens of thousands of IP's	CJ Ess	November 01, 2016 05:40PM
Re: Blocking tens of thousands of IP's	jeffdyke	November 01, 2016 05:48PM
RE: Blocking tens of thousands of IP's	Cox, Eric S	November 01, 2016 05:50PM
Re: Blocking tens of thousands of IP's	Lucas Rolff	November 01, 2016 05:54PM
Re: Blocking tens of thousands of IP's	mex	November 04, 2016 05:37AM
Re: Blocking tens of thousands of IP's	Rainer Duffner	November 01, 2016 05:52PM
RE: Blocking tens of thousands of IP's	Cox, Eric S	November 01, 2016 06:36PM
Re: Blocking tens of thousands of IP's	Rainer Duffner	November 01, 2016 06:42PM
RE: Blocking tens of thousands of IP's	Cox, Eric S	November 01, 2016 06:44PM
Re: Blocking tens of thousands of IP's	Rainer Duffner	November 01, 2016 06:56PM
RE: Blocking tens of thousands of IP's	Cox, Eric S	November 01, 2016 06:58PM
Re: Blocking tens of thousands of IP's	gariac	November 01, 2016 07:00PM
Re: Blocking tens of thousands of IP's	Tom Thorogood	November 01, 2016 07:06PM
Re: Blocking tens of thousands of IP's	gariac	November 01, 2016 06:48PM
Re: RE: Blocking tens of thousands of IP's	mex	November 04, 2016 05:43AM
Re: Blocking tens of thousands of IP's	Jonathan Vanasco	November 08, 2016 01:30PM
Re: Blocking tens of thousands of IP's	mayak	November 08, 2016 06:00PM
Re: Blocking tens of thousands of IP's	mex	November 15, 2016 01:09AM
Re: Blocking tens of thousands of IP's	gariac	November 08, 2016 06:16PM
Re: Blocking tens of thousands of IP's	CJ Ess	November 18, 2016 02:46PM
Re: Blocking tens of thousands of IP's	Maxim Dounin	November 02, 2016 08:58AM
Re: Blocking tens of thousands of IP's	gariac	November 01, 2016 06:28PM
Re: Blocking tens of thousands of IP's	Francis Daly	November 03, 2016 03:02PM
Re: Blocking tens of thousands of IP's	noci	November 23, 2016 09:33AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 110

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 500 on July 15, 2024