OVH Firewall HowTo

The article not finished yet.. On OVH.com services we have an interesting feature (which actually not documented. Yet, I hope). It is a Firewall. It was launched in 2014 on brand new managerV6 (OVH control panel), which is now only one can be used — previous versions are not available. Firewall turns on automatically on every DDoS attack and it is not possible to shut it down until attack will be stopped. »

ipset for iptables huge sets filtering

Install some stuff: apt-get install zip unzip ipset Create hash set: ipset create hash_block hash:net Block tcp connection: iptables -I INPUT -p tcp --dport 25565 -m set --match-set sfs_block src -j DROP May be useful with proxy-lists (sample mechanism works on our hosting), example with StopForumSpam list: ipset destroy temporably ipset create hash_block hash:net ipset create temporably hash:net wget -N http://flyspring.net/files/listed_ip_7.zip -P /tmp unzip /tmp/listed_ip_7.zip -d /tmp/ sed 's:^:add tempset »