Thought it might also be helpful to confirm that firewalld is not interfering in any way. what is the output of ~$# systemctl status firewalld On Sun, Apr 19, 2020 at 9:30 AM Jeffrey Walton <noloader at gmail.com> wrote: > > On Sun, Apr 19, 2020 at 9:26 AM Anand Buddhdev <anandb at ripe.net> wrote: > > > > On 19/04/2020 14:58, Jeffrey Walton wrote: > > > > Hi Jeffrey, > > > > > The offending host is 59.64.129.175. To err on the side of caution we > > > attempted to block the entire netblock. According to whois data, > > > that's 59.64.128.0-59.64.159.255. > > > > > > iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROP > > > > > > After reboot cpu usage is still high and access_log still shows > > > useless requests from the host: > > > > Did you actually arrange for your iptables rule to be reinstated at boot? > > > > If you just configure a rule as above, but don't save it, it will > > disappear ar reboot. > > Ugh, thanks. I did not realize the changes were only temporary. > > What is the recommended way to permanently add a ban rule? > > Thanks again. > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos