Gather addresses to ban through standby loadbalancers
Hello, we deploy loadbalancers that share a virtual/floating ip address (vip - using keepalived). When a server does not have the vip all the traffic it gets is from bots that should be banned (they are not using the service address and have found the host by port scanning). I'm wondering how to gather these only when the server does not have the vip.
4 Replies
Important Information
This post has been marked as resolved. If this is a mistake please press the red button below or type
/unresolve© Created By WhyAydan for CrowdSec ❤️
You could get details of the incoming packets and dst address which is not the vip. And in that case log connection and send it to remote location where rule would trigger ban
Thanks @KaszpiR
Resolving Gather addresses to ban through standby loadbalancers
This has now been resolved. If you think this is a mistake please run
/unresolve