March, 2024 | My Random Notes

Decided to create ipset stophack and add all access to ports 23, 22, 3306, 110, 143, 25 of ip <myserverip>

firewall-cmd –zone=external –add-rich-rule=’rule source ipset=stophack drop’
firewall-cmd –permanent –get-ipsets
firewall-cmd –permanent –new-ipset=stophack –type=hash:net
firewall-cmd –permanent –ipset=stophack –add-entries-from-file=stophack.txt
firewall-cmd –permanent –ipset=stophack –get-entries
firewall-cmd –permanent –ipset=stophack –add-entry=120.224.174.135

cat bdknock.xml
<?xml version="1.0" encoding="utf-8"?>
 <service>
  <port port="12345" protocol="tcp"/>
  <port port="2345" protocol="udp"/>
  <port port="345" protocol="udp"/>
  <port port="54321" protocol="tcp"/>
 </service>

My Random Notes

Monthly Archives: March 2024

FirewallD IPSet for blocking list of ips

Where my time vanishes everyday