On 2016-08-28, TE Dukes tdukes@palmettoshopper.com wrote:
I setup an ipset but quickly ran out of room in the set. I guess I'll have to setup multiple sets.
I'm not familiar with ipsets, but from a quick Google search it seems like you can increase the size of an ipset (or make a new larger one and migrate your IPs to the new one). Multiple sets looks like it'd work as well.
Right now, I'm just trying to take some load off my home server from badbots but I am getting hit on other services as well.
Another possibility for you to look at is sshguard. It can protect against brute force ssh attacks (using iptables rules, which is how I use it) but IIRC it can also protect against http attacks (I've never used it that way, so I don't know how difficult this is).
Can you be more specific about the "load" you're trying to mitigate? Is it really the load on your home system, or is it that attackers are using your bandwidth, or a combination?
--keith