Thought it might also be helpful to confirm that firewalld is not interfering in any way.
what is the output of ~$# systemctl status firewalld
On Sun, Apr 19, 2020 at 9:30 AM Jeffrey Walton noloader@gmail.com wrote:
On Sun, Apr 19, 2020 at 9:26 AM Anand Buddhdev anandb@ripe.net wrote:
On 19/04/2020 14:58, Jeffrey Walton wrote:
Hi Jeffrey,
The offending host is 59.64.129.175. To err on the side of caution we attempted to block the entire netblock. According to whois data, that's 59.64.128.0-59.64.159.255.
iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROPAfter reboot cpu usage is still high and access_log still shows useless requests from the host:
Did you actually arrange for your iptables rule to be reinstated at boot?
If you just configure a rule as above, but don't save it, it will disappear ar reboot.
Ugh, thanks. I did not realize the changes were only temporary.
What is the recommended way to permanently add a ban rule?
Thanks again. _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos