From 3b73edf4915b0096dcce3f929433c4ad3fd418e5 Mon Sep 17 00:00:00 2001 From: staticsafe Date: Mon, 23 Dec 2019 18:40:39 -0500 Subject: [PATCH] add firewall rule to drop aggressive crawler in catsith.asininetech.net.rules.v6 --- .../files/catsith.asininetech.net.rules.v6 | 1 + 1 file changed, 1 insertion(+) diff --git a/ubuntu/roles/firewall-ruleset-deploy/files/catsith.asininetech.net.rules.v6 b/ubuntu/roles/firewall-ruleset-deploy/files/catsith.asininetech.net.rules.v6 index ba7ea5d..939d915 100644 --- a/ubuntu/roles/firewall-ruleset-deploy/files/catsith.asininetech.net.rules.v6 +++ b/ubuntu/roles/firewall-ruleset-deploy/files/catsith.asininetech.net.rules.v6 @@ -3,6 +3,7 @@ :FORWARD DROP :OUTPUT DROP :icmp_in - +-A INPUT -s 2601:647:300:fab:8c74:7e2f:58c0:4f92/128 -m comment --comment "Aggressive Masto API crawler" -j DROP -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT