beep
New Around Here
Hi,
Once up on a time xt_recent was a module, now days its complied into the kernel.
I'm using it for temporary blocking unauthorized traffics.
The neat feature with xt_recent compared to ipset is that it is also able to match TTL. Making it a better to sieve out the good and the bad.
The default size of that list is 100 (ip_list_tot) and if it is as a module I can adjust that.
All those bad antagonist trying to intrude my private network property are more then 100, I can tell.
When its in the kernel this is only possible to change it in kernel cmdline.
If its possible to change the kernel cmdline pls let me know (beside compiling from scratch)
Otherwise I would be a happy guy if CONFIG_NETFILTER_XT_MATCH_RECENT=m in the next release.
I'm on a RT-AX58U if its differs.
Cheers,
Beep
Once up on a time xt_recent was a module, now days its complied into the kernel.
I'm using it for temporary blocking unauthorized traffics.
The neat feature with xt_recent compared to ipset is that it is also able to match TTL. Making it a better to sieve out the good and the bad.
The default size of that list is 100 (ip_list_tot) and if it is as a module I can adjust that.
All those bad antagonist trying to intrude my private network property are more then 100, I can tell.
When its in the kernel this is only possible to change it in kernel cmdline.
If its possible to change the kernel cmdline pls let me know (beside compiling from scratch)
Otherwise I would be a happy guy if CONFIG_NETFILTER_XT_MATCH_RECENT=m in the next release.
I'm on a RT-AX58U if its differs.
Cheers,
Beep