-
-
Save alexclear/898993ed9f8f8f990f7d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - name: install ipset | |
| apt: name=ipset state=present | |
| - name: list a set | |
| shell: ipset list badmfs | |
| ignore_errors: True | |
| register: result | |
| - name: create a set if it does not exist | |
| shell: ipset create badmfs hash:ip maxelem 524288 | |
| when: result|failed | |
| - name: check if the set is banned | |
| shell: iptables -L -v -n | grep "match-set badmfs src" | |
| ignore_errors: True | |
| register: result | |
| - name: ban the set | |
| command: iptables -I INPUT 1 -m set --match-set badmfs src -j DROP | |
| when: result|failed | |
| - name: ban a list of IP adresses | |
| shell: ipset add badmfs {{ item }} | |
| ignore_errors: True | |
| with_items: | |
| - 89.223.109.66 | |
| - 91.233.244.66 | |
| - 178.204.98.207 | |
| - 93.100.81.17 | |
| - 77.50.93.8 | |
| - 173.212.222.71 | |
| - 176.57.216.89 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment