Hello Avon,

Since I have had Mystic up and running again on this Pi3 I have watched
the MIS window. I have seen at least a 100 Telnet hits from China in the
last 35 minutes. And a considerably lesser amout from Japan. Looks like I
will be adjusting the blocking settings on this end. :-)

I recall when I setup IP blocking in BBBS. I had some 13,000 IP's
blocked. I have 22 nodes available in BBBS and BBBS was getting telnet
hit constantly for a time. I have swithch over to using iptables on the
BBBS machine to manage the telnet hits.


Jeff

--- Mystic BBS v1.12 A37 2017/12/13 (Raspberry Pi/32)
* Origin: The Ouijaboard V - Anoka, MN (21:1/128.2)

I recall when I setup IP blocking in BBBS. I had some 13,000 IP's
blocked. I have 22 nodes available in BBBS and BBBS was getting telnet
hit constantly for a time. I have swithch over to using iptables on the
BBBS machine to manage the telnet hits.

You can have Mystic automatically add the IPs into iptables if you want as well.

--- Mystic BBS v1.12 A37 2017/12/15 (Windows/32)
* Origin: Sector 7 [Mystic BBS WHQ] (21:1/108)

On 12/15/17, Jeffs said the following...

I recall when I setup IP blocking in BBBS. I had some 13,000 IP's
blocked. I have 22 nodes available in BBBS and BBBS was getting telnet
hit constantly for a time. I have swithch over to using iptables on the
BBBS machine to manage the telnet hits.

If you're working with multi-kilobyte blocklists I'd recommend one of ipset's hash table modules if your setup supports it. Especially if you're dynamically adding rules. It'll condense down a large number of addresses or nets to a
much smaller hash that the network filter then only has to perform a hash comparison on, instead of iterating down the entire list for every packet that hits the interface. You also don't have iptables pulling and pushing the
entire ruleset back to the kernel every time you add one address.

--- Mystic BBS v1.12 A36 2017/12/03 (Linux/64)
* Origin: Subcarrier BBS (21:2/140)