[CentOS-mirror] Chinese addresses requesting excessive iso's?

Wed Apr 27 18:15:50 UTC 2022
Russell Jones <arjones85 at gmail.com>

So, for whatever reason my mirror seems to be getting targeted by China:

[root at repos ~]# tail -f access.log | grep 403
112.22.135.89 - - [27/Apr/2022:13:10:52 -0500] "GET
/centos/7.9.2009/isos/x86_64/CentOS-7-x86_64-Everything-2009.iso HTTP/1.1"
403 153 "-" "curl/7.29.0"
183.206.56.187 - - [27/Apr/2022:13:10:52 -0500] "GET
/centos/7.9.2009/isos/x86_64/CentOS-7-x86_64-Everything-2009.iso HTTP/1.1"
403 153 "-" "curl/7.29.0"
112.22.157.33 - - [27/Apr/2022:13:10:52 -0500] "GET
/centos/8.5.2111/isos/aarch64/CentOS-8.5.2111-aarch64-dvd1.iso HTTP/1.1"
403 153 "-" "curl/7.29.0"
223.107.42.112 - - [27/Apr/2022:13:10:52 -0500] "GET
/centos/8.5.2111/isos/x86_64/CentOS-8.5.2111-x86_64-dvd1.iso HTTP/1.1" 403
153 "-" "curl/7.29.0"
112.22.156.85 - - [27/Apr/2022:13:10:53 -0500] "GET
/centos/7.9.2009/isos/x86_64/CentOS-7-x86_64-Everything-2009.iso HTTP/1.1"
403 153 "-" "curl/7.29.0"
223.107.40.234 - - [27/Apr/2022:13:10:53 -0500] "GET
/centos/8.5.2111/isos/x86_64/CentOS-8.5.2111-x86_64-dvd1.iso HTTP/1.1" 403
153 "-" "curl/7.29.0"
140.224.157.57 - - [27/Apr/2022:13:10:54 -0500] "GET
/centos/7.9.2009/isos/x86_64/CentOS-7-x86_64-Everything-2009.iso HTTP/1.1"
403 153 "-" "curl/7.29.0"
223.107.6.85 - - [27/Apr/2022:13:10:54 -0500] "GET
/centos/7.9.2009/isos/x86_64/CentOS-7-x86_64-Everything-2009.iso HTTP/1.1"
403 153 "-" "curl/7.29.0"
112.22.156.108 - - [27/Apr/2022:13:10:54 -0500] "GET
/centos/8.5.2111/isos/x86_64/CentOS-8.5.2111-x86_64-dvd1.iso HTTP/1.1" 403
153 "-" "curl/7.29.0"
218.67.20.149 - - [27/Apr/2022:13:10:55 -0500] "GET
/centos/8.5.2111/isos/x86_64/CentOS-8.5.2111-x86_64-dvd1.iso HTTP/1.1" 403
153 "-" "curl/7.29.0"
120.43.124.48 - - [27/Apr/2022:13:10:55 -0500] "GET
/centos/8.5.2111/isos/aarch64/CentOS-8.5.2111-aarch64-dvd1.iso HTTP/1.1"
403 153 "-" "curl/7.29.0"
112.22.152.194 - - [27/Apr/2022:13:10:55 -0500] "GET
/centos/8.5.2111/isos/aarch64/CentOS-8.5.2111-aarch64-dvd1.iso HTTP/1.1"
403 153 "-" "curl/7.29.0"
120.43.125.124 - - [27/Apr/2022:13:10:56 -0500] "GET
/centos/8.5.2111/isos/aarch64/CentOS-8.5.2111-aarch64-dvd1.iso HTTP/1.1"
403 153 "-" "curl/7.29.0"
223.107.42.113 - - [27/Apr/2022:13:10:56 -0500] "GET
/centos/8.5.2111/isos/aarch64/CentOS-8.5.2111-aarch64-dvd1.iso HTTP/1.1"
403 153 "-" "curl/7.29.0"
183.250.140.251 - - [27/Apr/2022:13:10:56 -0500] "GET
/centos/7.9.2009/isos/x86_64/CentOS-7-x86_64-Everything-2009.iso HTTP/1.1"
403 153 "-" "curl/7.29.0"
112.22.156.51 - - [27/Apr/2022:13:10:56 -0500] "GET
/centos/8.5.2111/isos/x86_64/CentOS-8.5.2111-x86_64-dvd1.iso HTTP/1.1" 403
153 "-" "curl/7.29.0"
183.250.140.54 - - [27/Apr/2022:13:10:57 -0500] "GET
/centos/8.5.2111/isos/x86_64/CentOS-8.5.2111-x86_64-dvd1.iso HTTP/1.1" 403
153 "-" "curl/7.29.0"
183.250.140.251 - - [27/Apr/2022:13:10:57 -0500] "GET
/centos/8.5.2111/isos/x86_64/CentOS-8.5.2111-x86_64-dvd1.iso HTTP/1.1" 403
153 "-" "curl/7.29.0"
121.206.58.145 - - [27/Apr/2022:13:10:57 -0500] "GET
/centos/8.5.2111/isos/aarch64/CentOS-8.5.2111-aarch64-dvd1.iso HTTP/1.1"
403 153 "-" "curl/7.29.0"
183.250.141.44 - - [27/Apr/2022:13:10:57 -0500] "GET
/centos/8.5.2111/isos/x86_64/CentOS-8.5.2111-x86_64-dvd1.iso HTTP/1.1" 403
153 "-" "curl/7.29.0"
183.250.140.191 - - [27/Apr/2022:13:10:57 -0500] "GET
/centos/8.5.2111/isos/x86_64/CentOS-8.5.2111-x86_64-dvd1.iso HTTP/1.1" 403
153 "-" "curl/7.29.0"
183.250.141.209 - - [27/Apr/2022:13:10:57 -0500] "GET
/centos/8.5.2111/isos/x86_64/CentOS-8.5.2111-x86_64-dvd1.iso HTTP/1.1" 403
153 "-" "curl/7.29.0"
112.109.212.65 - - [27/Apr/2022:13:10:58 -0500] "GET
/centos/8.5.2111/isos/x86_64/CentOS-8.5.2111-x86_64-dvd1.iso HTTP/1.1" 403
153 "-" "curl/7.29.0"
112.109.212.13 - - [27/Apr/2022:13:10:58 -0500] "GET
/centos/8.5.2111/isos/x86_64/CentOS-8.5.2111-x86_64-dvd1.iso HTTP/1.1" 403
153 "-" "curl/7.29.0"
223.107.43.135 - - [27/Apr/2022:13:10:58 -0500] "GET
/centos/7.9.2009/isos/x86_64/CentOS-7-x86_64-Everything-2009.iso HTTP/1.1"
403 153 "-" "curl/7.29.0"
117.80.215.77 - - [27/Apr/2022:13:10:58 -0500] "GET
/centos/8.5.2111/isos/x86_64/CentOS-8.5.2111-x86_64-dvd1.iso HTTP/1.1" 403
153 "-" "curl/7.29.0"
117.80.215.137 - - [27/Apr/2022:13:10:59 -0500] "GET
/centos/8.5.2111/isos/aarch64/CentOS-8.5.2111-aarch64-dvd1.iso HTTP/1.1"
403 153 "-" "curl/7.29.0"
112.22.152.61 - - [27/Apr/2022:13:11:01 -0500] "GET
/centos/8.5.2111/isos/aarch64/CentOS-8.5.2111-aarch64-dvd1.iso HTTP/1.1"
403 153 "-" "curl/7.29.0"
27.158.193.43 - - [27/Apr/2022:13:11:01 -0500] "GET
/centos/8.5.2111/isos/x86_64/CentOS-8.5.2111-x86_64-dvd1.iso HTTP/1.1" 403
153 "-" "curl/7.29.0"


I geoblocked the country about a week ago, but the requests haven't
stopped. It was at the level that it was maxing out my 1gbit/sec link until
I did something.

Anyone else seeing anything similar?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos-mirror/attachments/20220427/d2b80cdd/attachment-0002.html>