I followed the instructions and ran the script. I see the blocked ip with this command:
Name: abuseipdb_blacklist_v4
Type: hash:ip
Revision: 6
Header: family inet hashsize 4096 maxelem 65536 bucketsize 12 initval 0xc42f362f
Size in memory: 240168
References: 1
Number of entries: 9969
Members:
157.230.242.104
107.150.117.187
64.62.156.27
91.196.152.25
14.225.206.98
45.158.8.66
8.211.39.61
8.219.120.85
195.184.76.111
109.167.197.20
183.82.105.140
:
So it looks like the list is generated.
I don’t see any of the IP’s in the blacklist .
How long will it take for them to show up.
I also see this in iptables:
[root@mail demo]# iptables -L MAILCOW
Chain MAILCOW (2 references)
target prot opt source destination
DROP all -- anywhere anywhere match-set abuseipdb_blacklist_v4 src
DROP tcp -- anywhere anywhere multiport dports mysql,redis,8983,italk
Can I monitor it with something like this command:
Every 5.0s: iptables -n -v -L MAILCOW | grep -v "0 0" mail: 10:55:43
in 0.010s (0)
Chain MAILCOW (2 references)
pkts bytes target prot opt in out source destination
27 35316 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set abuseipdb_blacklist_v4 src