[BlueOnyx:26292] Re: Saving APF Blacklist opens firewall
Ken Marcus
kenmarcusprecisionweb at gmail.com
Wed Jun 14 12:36:26 -05 2023
Try setting
SET_FASTLOAD="1"
in the /etc/apf/conf.apf
Or skip APF and just block the IP from the command line using
/sbin/route add -host $iptoblock reject
Ken Marcus
Precision Web Hosting, LLC
On Tue, Jun 13, 2023 at 4:53 AM John Simpson via Blueonyx <
blueonyx at mail.blueonyx.it> wrote:
> Hi,
>
> (On 5209r)
> I have noticed that if I add an IP address to the APF Blacklist and press Save,
> the firewall is open during the save process.
> There are a lot of addresses in the firewall, and it takes several seconds
> to process the saving of the list.
> The firewall should be delaying traffic, not permitting traffic that
> should be blocked while the rules are activated.
>
> I believe under the hood you are using iptables?
> The overly simplified operations should be:
>
> iptables -P INPUT DROP # disable until all block rules are in place
> iptables -P FORWARD DROP # disable until all block rules are in place
> iptables -P OUTPUT DROP # disable until all block rules are in place
> iptables -F # flush rules
> # add blocking rules for blacklist
> # add rule at end to permit www traffic not already blocked
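The fail-closed reload order John describes above, written out as an added example (not APF's or the list's own code): default policies go to DROP before the flush, blacklist entries are appended before any ACCEPT, and the permit rules come last. It assumes a blacklist file with one IPv4 address or CIDR per line, emits the iptables commands for review rather than running them, and validates each entry before interpolating it into a command; the atomic alternative is to feed the complete ruleset to iptables-restore in one call.

```shell
#!/bin/sh
# Added example: generate a fail-closed iptables reload sequence from a
# blacklist file. Output is plain text; as root it could be piped to sh.

# Constructed sample blacklist (format assumed: one IPv4/CIDR per line,
# '#' comments allowed). The bogus third entry shows validation at work.
BLACKLIST_FILE=$(mktemp)
cat > "$BLACKLIST_FILE" <<'EOF'
# constructed sample entries
192.0.2.10
198.51.100.0/24
not-an-address; rm -rf /
EOF

# Accept only dotted-quad IPv4 with an optional /prefix, so a stray line in
# the blacklist can never become shell text in the generated script.
is_ipv4_entry() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$'
}

build_reload_script() {
    blfile="$1"
    # 1. Close the door first: with DROP policies, nothing passes while the
    #    chains are empty during the flush and rebuild.
    echo 'iptables -P INPUT DROP'
    echo 'iptables -P FORWARD DROP'
    echo 'iptables -P OUTPUT DROP'
    # 2. Flush the old rules; the policies keep traffic blocked meanwhile.
    echo 'iptables -F'
    # 3. Blacklist rules before any ACCEPT, so a listed host never matches
    #    a later permit rule.
    grep -Ev '^[[:space:]]*(#|$)' "$blfile" | while read -r ip; do
        if is_ipv4_entry "$ip"; then
            echo "iptables -A INPUT -s $ip -j DROP"
        else
            echo "skipping invalid blacklist entry: $ip" >&2
        fi
    done
    # 4. Permits last: loopback, reply traffic, and the web ports the
    #    quoted message wants open; OUTPUT is re-opened at the very end.
    echo 'iptables -A INPUT -i lo -j ACCEPT'
    echo 'iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    echo 'iptables -A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT'
    echo 'iptables -A OUTPUT -j ACCEPT'
}

build_reload_script "$BLACKLIST_FILE"
```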