Configure temporary to permanent IP and network class blocking.
juggernaut --task=lfd:netblockOption |
Value | Default | Description |
|---|---|---|---|
--LF_PERMBLOCK |
<1|0> | 1 | Enable temporary to permanent IP blocking. This will permanently block IP addresses that have been temporarily blocked more than LF_PERMBLOCK_COUNT times in the last LF_PERMBLOCK_INTERVAL seconds. |
--LF_PERMBLOCK_INTERVAL |
<3600-604800> | 86400 | The interval in seconds before triggering a Permanent block. LF_PERMBLOCK_INTERVAL needs to be at least LF_PERMBLOCK_COUNT multiplied by the longest temporary time setting (TTL) for blocked IPs, to be effective. |
--LF_PERMBLOCK_COUNT |
<1-255> | 4 | The number of times before triggering a Permanent block. |
--LF_NETBLOCK |
<1|0> | 1 | Permanently block IPs by network class. Permanently block classes of IP address where individual IP addresses within the same class LF_NETBLOCK_CLASS have already been blocked more than LF_NETBLOCK_COUNT times in the last LF_NETBLOCK_INTERVAL seconds. This can help blocking DDOS attacks launched from within the same network class. |
--LF_NETBLOCK_INTERVAL |
<3600-604800> | 86400 | The interval in seconds before triggering a Permanent block by network class. |
--LF_NETBLOCK_COUNT |
<1-255> | 4 | The number of times before triggering a Permanent block. |
--LF_NETBLOCK_CLASS |
<A|B|C> | C | Care and consideration is required when blocking network classes A or B. |
--LF_NETBLOCK_IPV6 |
<string> | Enable IPv6 netblock blocking. Valid settings for LF_NETBLOCK_IPV6 are "/64", "/56", "/48", "/32" and "/24". Great care should be taken with IPV6 netblock ranges due to the large number of addresses involved. | |
--default |
<yes> | Reset all settings to their default values. | |
--default_option |
<option> | Reset a specific setting to its default value. | |
--restart |
<yes> | Restart the service after saving settings. |
// set the LF_PERMBLOCK_COUNT
juggernaut --task=lfd:netblock --LF_PERMBLOCK_COUNT=3 --restart=yes
// reset LF_PERMBLOCK_COUNT back to default
juggernaut --task=lfd:netblock --default_option=LF_PERMBLOCK_COUNT --restart=yes
// reset all settings back to default
juggernaut --task=lfd:netblock --default=yes --restart=yes