#Tag · bonfire.cafe

#Tag

Log in

Stefano Marinelli boosted

Eugene :freebsd: :emacslogo:

@evgandr@mastodon.bsd.cafe · 7 days ago

Since my home server not intended for use by any people outside of my city (plus some VPN endpoints in other countries) — it is ok to ban some unwanted countries and cities from which I don't expect anything good, except attempts to hack my box to use my resources or set me up .

So I added some GeoIP blocking to the npf with script to update GeoIP list — I blocked China, Iran, North Korea, etc and Moscow (because there are a lot of government and commercial backed bots coming from here). Results are good — the bots don't disappeared completely but the speed of adding new IPs to the blacklist is decreased

Sadly, I was unable to add USA and UK to the list, because looks like there are some limits (not found how to increase them ), which disallows to load a lot of CIDRs for these countries to the blacklist.

#NetBSD #npf #bots #selfhosting

2 media

Graph of the count of banned IPs per week. There are two red tangents on the two points — before and after the GeoIP bans were enabled. And the two red lines, parallel to the X axis.
The resulting derivatives are 0.59 and 0.38, so the speed of raising the values (count of blocked bots) are decreased. — Graph of the count of banned IPs per week. There are two red tangents on the two points — before and after the GeoIP bans were enabled. And the two red lines, parallel to the X axis. The resulting derivatives are 0.59 and 0.38, so the speed of raising the values (count of blocked bots) are decreased.

Part of the script to update npf blacklists. Script contents:

# List of blocked countries:
# AE - United Arab Emirates
# AF - Afganistan
# BY - Belarus
# CN - China
# CU - Cuba
# HK - Hong Kong
# HU - Hungary
# IR - Iran
# KP - North Korea
# KW - Kuwait
# PK - Pakistan
# PS - Palestine
# TW - Taiwan
# UA - Ukraine
/usr/pkg/bin/curl --connect-timeout 30 --fail --interface re0 --ipv4 --silent \
--retry 3 --retry-connrefused --retry-delay 5 --retry-max-time 90 \
--show-error --proxy http://127.0.0.1:20172 \
-o - "$GEOIP_COUNTRIES_SOURCE" | \
/usr/bin/egrep '^[0-9.,]+((AE)|(AF)|(BY)|(CN)|(CU)|(HK)|(HU)|(IR)|(KP)|(KW)|(PK)|(PS)|(TW)|(UA))$' | \
/usr/bin/awk -F, '{ print $1, "-", $2 }' | \
/usr/pkg/bin/iprange > /usr/share/npf/blacklist.countries.new
if [ "$?" -ne "0" ]; then
echo "Failed to update countries blacklist"
rm -f /usr/share/npf/blacklist.netset.new \
/usr/share/npf/blacklist.countries.new
exit 3
fi

# List of blocked cities:
# Moscow
/usr/pkg/bin/curl --connect-timeout 30 --fail --interface re0 --ipv4 --silent \
--retry 3 --retry-connrefused --retry-delay 5 --retry-max-time 90 \
--show-error --proxy http://127.0.0.1:20172 \
-o - "$GEOIP_CITIES_SOURCE" | \
gzip -d | \ — Part of the script to update npf blacklists. Script contents: # List of blocked countries: # AE - United Arab Emirates # AF - Afganistan # BY - Belarus # CN - China # CU - Cuba # HK - Hong Kong # HU - Hungary # IR - Iran # KP - North Korea # KW - Kuwait # PK - Pakistan # PS - Palestine # TW - Taiwan # UA - Ukraine /usr/pkg/bin/curl --connect-timeout 30 --fail --interface re0 --ipv4 --silent \ --retry 3 --retry-connrefused --retry-delay 5 --retry-max-time 90 \ --show-error --proxy http://127.0.0.1:20172 \ -o - "$GEOIP_COUNTRIES_SOURCE" | \ /usr/bin/egrep '^[0-9.,]+((AE)|(AF)|(BY)|(CN)|(CU)|(HK)|(HU)|(IR)|(KP)|(KW)|(PK)|(PS)|(TW)|(UA))$' | \ /usr/bin/awk -F, '{ print $1, "-", $2 }' | \ /usr/pkg/bin/iprange > /usr/share/npf/blacklist.countries.new if [ "$?" -ne "0" ]; then echo "Failed to update countries blacklist" rm -f /usr/share/npf/blacklist.netset.new \ /usr/share/npf/blacklist.countries.new exit 3 fi # List of blocked cities: # Moscow /usr/pkg/bin/curl --connect-timeout 30 --fail --interface re0 --ipv4 --silent \ --retry 3 --retry-connrefused --retry-delay 5 --retry-max-time 90 \ --show-error --proxy http://127.0.0.1:20172 \ -o - "$GEOIP_CITIES_SOURCE" | \ gzip -d | \

Eugene :freebsd: :emacslogo:

@evgandr@mastodon.bsd.cafe · 7 days ago

Since my home server not intended for use by any people outside of my city (plus some VPN endpoints in other countries) — it is ok to ban some unwanted countries and cities from which I don't expect anything good, except attempts to hack my box to use my resources or set me up .

So I added some GeoIP blocking to the npf with script to update GeoIP list — I blocked China, Iran, North Korea, etc and Moscow (because there are a lot of government and commercial backed bots coming from here). Results are good — the bots don't disappeared completely but the speed of adding new IPs to the blacklist is decreased

Sadly, I was unable to add USA and UK to the list, because looks like there are some limits (not found how to increase them ), which disallows to load a lot of CIDRs for these countries to the blacklist.

#NetBSD #npf #bots #selfhosting

2 media

Graph of the count of banned IPs per week. There are two red tangents on the two points — before and after the GeoIP bans were enabled. And the two red lines, parallel to the X axis.
The resulting derivatives are 0.59 and 0.38, so the speed of raising the values (count of blocked bots) are decreased. — Graph of the count of banned IPs per week. There are two red tangents on the two points — before and after the GeoIP bans were enabled. And the two red lines, parallel to the X axis. The resulting derivatives are 0.59 and 0.38, so the speed of raising the values (count of blocked bots) are decreased.

Part of the script to update npf blacklists. Script contents:

# List of blocked countries:
# AE - United Arab Emirates
# AF - Afganistan
# BY - Belarus
# CN - China
# CU - Cuba
# HK - Hong Kong
# HU - Hungary
# IR - Iran
# KP - North Korea
# KW - Kuwait
# PK - Pakistan
# PS - Palestine
# TW - Taiwan
# UA - Ukraine
/usr/pkg/bin/curl --connect-timeout 30 --fail --interface re0 --ipv4 --silent \
--retry 3 --retry-connrefused --retry-delay 5 --retry-max-time 90 \
--show-error --proxy http://127.0.0.1:20172 \
-o - "$GEOIP_COUNTRIES_SOURCE" | \
/usr/bin/egrep '^[0-9.,]+((AE)|(AF)|(BY)|(CN)|(CU)|(HK)|(HU)|(IR)|(KP)|(KW)|(PK)|(PS)|(TW)|(UA))$' | \
/usr/bin/awk -F, '{ print $1, "-", $2 }' | \
/usr/pkg/bin/iprange > /usr/share/npf/blacklist.countries.new
if [ "$?" -ne "0" ]; then
echo "Failed to update countries blacklist"
rm -f /usr/share/npf/blacklist.netset.new \
/usr/share/npf/blacklist.countries.new
exit 3
fi

# List of blocked cities:
# Moscow
/usr/pkg/bin/curl --connect-timeout 30 --fail --interface re0 --ipv4 --silent \
--retry 3 --retry-connrefused --retry-delay 5 --retry-max-time 90 \
--show-error --proxy http://127.0.0.1:20172 \
-o - "$GEOIP_CITIES_SOURCE" | \
gzip -d | \ — Part of the script to update npf blacklists. Script contents: # List of blocked countries: # AE - United Arab Emirates # AF - Afganistan # BY - Belarus # CN - China # CU - Cuba # HK - Hong Kong # HU - Hungary # IR - Iran # KP - North Korea # KW - Kuwait # PK - Pakistan # PS - Palestine # TW - Taiwan # UA - Ukraine /usr/pkg/bin/curl --connect-timeout 30 --fail --interface re0 --ipv4 --silent \ --retry 3 --retry-connrefused --retry-delay 5 --retry-max-time 90 \ --show-error --proxy http://127.0.0.1:20172 \ -o - "$GEOIP_COUNTRIES_SOURCE" | \ /usr/bin/egrep '^[0-9.,]+((AE)|(AF)|(BY)|(CN)|(CU)|(HK)|(HU)|(IR)|(KP)|(KW)|(PK)|(PS)|(TW)|(UA))$' | \ /usr/bin/awk -F, '{ print $1, "-", $2 }' | \ /usr/pkg/bin/iprange > /usr/share/npf/blacklist.countries.new if [ "$?" -ne "0" ]; then echo "Failed to update countries blacklist" rm -f /usr/share/npf/blacklist.netset.new \ /usr/share/npf/blacklist.countries.new exit 3 fi # List of blocked cities: # Moscow /usr/pkg/bin/curl --connect-timeout 30 --fail --interface re0 --ipv4 --silent \ --retry 3 --retry-connrefused --retry-delay 5 --retry-max-time 90 \ --show-error --proxy http://127.0.0.1:20172 \ -o - "$GEOIP_CITIES_SOURCE" | \ gzip -d | \

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.2-alpha.7 no JS en

Automatic federation enabled

Log in