Project

General

Profile

Actions
Copy link

Feature #1439

closed

request: ip banning options for mod_evasive

Added by Anonymous over 16 years ago. Updated 4 months ago.

Status:
Obsolete
Priority:
Low
Category:
mod_evasive
Target version:
1.4.23
ASK QUESTIONS IN Forums:
No

Description

when mod_evasive turns a connection away it would be nice if it could increment some internal counter for that ip and blacklists it after while.

iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \
--set

iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \
--update --seconds 60 --hitcount 3 -j REJECT

works at a lower level though, so might be more useful

-- w1zzard

Actions
Copy link
 #1

Updated by Anonymous over 16 years ago

+1 with some configuration

Actions
Copy link
 #2

Updated by stbuehler over 15 years ago

  • Target version changed from 1.4.20 to 1.4.21
Actions
Copy link
 #3

Updated by icy about 15 years ago

  • Target version changed from 1.4.21 to 1.4.22
  • Patch available set to No
Actions
Copy link
 #4

Updated by stbuehler about 15 years ago

  • Target version changed from 1.4.22 to 1.4.23
Actions
Copy link
 #5

Updated by stbuehler almost 15 years ago

  • Status changed from New to Wontfix

lighty is not running as root (at least it shouldn't), so that is not possible. and it works only with iptables, ...

Just use the iptable connlimit module.

Actions
Copy link
 #6

Updated by gstrauss 4 months ago

  • Status changed from Wontfix to Obsolete
  • ASK QUESTIONS IN Forums set to No

mod_evasive is no longer part of the lighttpd base
For replacement, see lua mod_evasive

Actions
Copy link

Also available in: Atom