http://blog.gl2i.com/ 2026-05-30T19:29:21+00:00 http://blog.gl2i.com/ http://blog.gl2i.com/lib/exe/fetch.php?media=wiki:dokuwiki.svg text/html 2021-05-03T03:39:14+00:00 Anonymous (anonymous@undisclosed.example.com) http://blog.gl2i.com/doku.php?id=en:security:iptables&rev=1620013154&do=diff Iptables One golden rule we have in security is: first close everything then open services one by one and only to white listed IPs. It is exactly what we are going to see together with SSH protocol. Firewall Iptables is one of the most famous firewall on Linux. Some people say that it is too complicated and that's why ufw has been created. But still, Iptables is the only one for me text/html 2025-08-03T17:30:15+00:00 Anonymous (anonymous@undisclosed.example.com) http://blog.gl2i.com/doku.php?id=en:security:reaction-v2&rev=1754242215&do=diff Reaction v2 Great news, reaction has released a version 2. It goes from GO to Rust. In my OpenSSH use case, memory usage drops down by half. [usage reaction v2] Background image by David Revoy CC-BY 4.0 To celebrate, I updated my ansible playbook. - name: install packages required to have logs package: name: "{{ item }}" state: latest with_items: - iptables - iptables-persistent - logrotate - rsyslog become: True - name: stop reaction if running service: … text/html 2025-08-03T17:23:32+00:00 Anonymous (anonymous@undisclosed.example.com) http://blog.gl2i.com/doku.php?id=en:security:reaction&rev=1754241812&do=diff Reaction the new fail2ban Context When you have a server reachable from internet, it is a very good idea to control who has access to it and how. For years I am using the very good tool called iptables in a very restricted way. But it happened to me a story that I am going to share with you that made change my mind