Rc3bcdiger Meier wrote:
On 04/17/2017 11:01 AM, Roger Price wrote:
On Mon, 17 Apr 2017, suse@a-domani.nl wrote:
suse@a-domani.nl wrote:
In my firewall I examine all unexpected traffic, there for I end added lines for all existing countries, like:
Hi Hans,
Wouldn't it be simpler to specify the countries you are willing to accept and block all other traffic without specifying the country.
BTW I've simply configured all our internal used services (like ssh, internal mail, dns, ntp etc.) to listen on ipv6 only. This seem to avoid a lot more noise in the logs than these complicated and unsafe solutions like xtables-geoip or Fail2ban.
Why would you have any such noise on internal-only services? -- Per Jessen, Zürich (10.8°C) http://www.hostsuisse.com/ - virtual servers, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org