92.53.90.0-92.53.90.255,80.93.187.0-80.93.187.255,195.181.166.0-195.181.166.255,95.213.143.0-95.213.143.255,91.206.14.0-91.206.14.255,92.53.65.0-92.53.65.255,79.142.76.0-79.142.76.255,91.206.15.0-91.206.15.255,194.61.24.0-194.61.24.255,92.119.160.0-92.119.160.255,69.161.195.0-69.161.195.255,212.92.101.0-212.92.101.255,195.19.10.0-195.19.10.255,193.188.22.0-193.188.22.255,185.137.234.0-185.137.234.255,5.178.87.0-5.178.87.255,31.131.251.0-31.131.251.255,188.92.77.0-188.92.77.255,23.107.55.0-23.107.55.255,45.141.86.0-45.141.86.255,172.246.205.0-172.246.205.255,176.113.115.0-176.113.115.255,185.202.1.0-185.202.1.255,185.202.2.0-185.202.2.255,134.249.127.0-134.249.127.255,193.93.62.0-193.93.62.255,194.61.54.0-194.61.54.255,194.61.55.0-194.61.55.255,87.251.66.0-87.251.66.255,5.188.206.0-5.188.206.255,87.251.75.0-87.251.75.255,92.53.64.*
这些全是国外,总爱爆破我的小鸡,大部分都是俄罗斯和什么罗马尼亚,没有一个国内IP,全是扫别人的,做站的大家建议加下,再次说明,一个国内IP都没有。之前我的吃灰机发现闲置竟然CPU跑30%,查看端口,发现一群这种IP在扫。国内和国外自己的几台机子1年多下来,总结了这些爆破的IP段,每个段后都是逗号隔开,可以自己修改下需要的名单格式,每个IP发现后,都会去搜索来路,没有国内的,放心食用。
-----------------------------------------------------
网友回复:
就这?
还不如写好了让mjj抄
Ali
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.201.0/28drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.201.16/29drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.201.32/28drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.225.192/29drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.225.200/30drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.225.184/29drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.225.183/32drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.225.206/32drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.225.205/32drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.225.195/32drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.225.204/32drop"
Default
不是我不想贴,实在贴不下。超字数了。
网友回复:
其实更应该加的是头条,一到夜里就飞起,不过,还是向流量低头吧
网友回复:
感谢分享,我做博客的小鸡已经在安全组里关了22端口,用的时候再开一下
网友回复:
引用:jqbaobao发表于2020-7-2310:45
网友回复:
就这?
还不如写好了让mjj抄
Ali
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.201.0/28drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.201.16/29drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.201.32/28drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.225.192/29drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.225.200/30drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.225.184/29drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.225.183/32drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.225.206/32drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.225.205/32drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.225.195/32drop"
firewall-cmd--permanent--add-rich-rule="rulefamily=ipv4sourceaddress=140.205.225.204/32drop"
Default
不是我不想贴,实在贴不下。超字数了。
网友回复:
感谢楼主顺便建议去github弄个项目大家可以一起来维护