diff options
author | Jesusaves <cpntb1@ymail.com> | 2020-12-27 17:22:50 -0300 |
---|---|---|
committer | Jesusaves <cpntb1@ymail.com> | 2020-12-27 17:22:50 -0300 |
commit | f0a170e4a61e34ff13475c4ebb4638204db9a993 (patch) | |
tree | 7053412dc0a1cbc96a783d0099debce4b664e4db /README.md | |
parent | dcaddd5132175cfc40b2bd2b7a0f6de3d5fb53d0 (diff) | |
download | server-f0a170e4a61e34ff13475c4ebb4638204db9a993.tar.gz server-f0a170e4a61e34ff13475c4ebb4638204db9a993.tar.bz2 server-f0a170e4a61e34ff13475c4ebb4638204db9a993.tar.xz server-f0a170e4a61e34ff13475c4ebb4638204db9a993.zip |
Update instructions, attempt to generate a Z-Line file at make time.
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 21 |
1 files changed, 11 insertions, 10 deletions
@@ -59,19 +59,20 @@ See also their official website: https://www.fail2ban.org The server will read (one IP per line) the files called Z-Line, G-Line and K-Line in this order during startup, and won't read them again at runtime. They will issue "bans", which causes connection to be dropped right after being -established with status 1011. - -It is advised dropping IPs at Z-Line on a firewall level, but that is not done -automatically, nor are the files distinguished among themselves. - -You can, for example, download a +established. For several reasons, you should deny problematic IPs **before** the +connection is established, not right after; So do not understimate a properly +configured fail2ban. + +The files are not distinguished among themselves, however, Z-Line.txt will be +populated with `make initdb` with blocklist.de recommendations, and K-Line can be +populated by using the `kline` server console command. G-Line remains available +for any extra ban list you might have or wish - for example, you could download [Tor Exit Nodes List](https://check.torproject.org/torbulkexitlist?ip=1.1.1.1) -and auto-fill one of the three files, while still keeping two ban lists for your -own management. +and write G-Line.txt with it to prevent access to the game from Tor. -However, keep in mind that `kline` console command will write to K-Line.txt so +Keep in mind that `kline` console command will write to K-Line.txt so autogenerating data for it is not advised. All bans expire when server restarts, -except if they have been kline'd. +except if they have been kline'd (or are otherwise listed on a -Line file.) Other suggestions (never tested): * [Blocklist DE](blocklist.de) - IP-Addresses who attack other servers/honeypots over SSH, FTP, IMAP, etc. |