Want to subscribe to topics you're interested in?
Become a Member

Red Hat Enterprise Linux 8 released

Discussion in 'CentOS, Redhat & Oracle Linux News' started by buik, May 8, 2019.

  1. eva2000

    eva2000 Administrator Staff Member

    42,086
    9,499
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,618
    Local Time:
    1:21 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Not sure I understand, centmin mod with csf firewall has automatic IPSET support if centmin mod at install time detects your linux kernel supports IPSET which is usually case for non-openvz systems (openvz6 2.6.x kernel don't support IPSET only openvz7 with 3.10 kernel support IPSET).
     
  2. ideas

    ideas New Member

    7
    2
    3
    May 29, 2019
    Ratings:
    +3
    Local Time:
    12:21 PM
    I'm testing Centmin Mod in Google Cloud VM which uses KVM and thought that CSF was configured to use IPSET. I meant that if an CSF alternative was necessary hopefully it will be one that also is configured to use IPSET when possible but it looks like it's not needed with nftables. For example, this script was upgraded from iptables+ipset to nftables: kubax/blocklist-with-nftables to see the difference.
    Interesting related git repos on Github:
    Frzk/ansible-role-nftables
    ipr-cnrs/nftables
    gavinhungry/combust
    larsbs/nftablui
    chr0mag/geoipsets
    nftables support was added in Fail2Ban release 0.9.4.
     
    Last edited: Jun 1, 2019