  1. #1

    Centralized database for firewall

    Hi All,

    Anyone please suggest an idea for having a centralized database or something for firewall? My requirement is if we add IP to block in a centralized database it should block in all servers. Anyone please suggest an idea for implementing this?


  2. #2
    There may be something that already does this but I don't know of it. So...if I had to do it from scratch, I'd probably set up a MySQL server to house the (very small) centralized db. It would contain the table of "blacklisted" ip addresses. Each server could keep track of this list by querying the central server.

    To that end, on all the servers, you'd have a simple shell script (run every hour or whatever) that would do the following:
    1. query the central MySQL server for the list of blacklisted ips
    2. if any changes are detected:
    - modify the iptables configuration to reflect the changes
    - restart iptables.

    Hacky, but it does what you want.
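
One way to write the polling script described in the answer above, added here as an example and not part of the original thread. The database host, account, database, table and column names, the `BLACKLIST` chain and the state file path are assumptions; it also applies only the changed entries to a dedicated chain instead of rewriting the configuration and restarting iptables.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed names: DB_HOST, DB_USER, DB_NAME,
# table blacklist(ip), chain BLACKLIST, state file path.
# One-time setup per server: iptables -N BLACKLIST; iptables -I INPUT -j BLACKLIST
LC_ALL=C; export LC_ALL
CHAIN="BLACKLIST"
STATE="${STATE:-/var/lib/fw-blacklist/applied.txt}"
DB_HOST="${DB_HOST:-db.example.internal}"
DB_USER="${DB_USER:-fwsync}"     # read-only account; password kept in ~/.my.cnf
DB_NAME="${DB_NAME:-firewall}"

# Keep only well-formed dotted-quad IPv4 addresses, sorted and de-duplicated.
# Anything else in the table is dropped before it can reach an iptables command.
valid_ips() {
  awk -F. '/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
    ok = 1
    for (i = 1; i <= 4; i++) if (length($i) > 3 || $i > 255) ok = 0
    if (ok) print
  }' | sort -u
}

# plan APPLIED_FILE WANTED_FILE: print "A ip" for new entries, "D ip" for removed ones.
plan() {
  comm -13 "$1" "$2" | sed 's/^/A /'
  comm -23 "$1" "$2" | sed 's/^/D /'
}

sync_blacklist() {
  raw=$(mktemp) && wanted=$(mktemp) || return 1
  # If the central server is unreachable, stop and leave the current rules in place.
  if ! mysql -N -B -h "$DB_HOST" -u "$DB_USER" "$DB_NAME" \
       -e 'SELECT ip FROM blacklist' > "$raw"; then
    rm -f "$raw" "$wanted"; return 1
  fi
  valid_ips < "$raw" > "$wanted"
  [ -f "$STATE" ] || : > "$STATE"
  plan "$STATE" "$wanted" | while read -r op ip; do
    iptables "-$op" "$CHAIN" -s "$ip" -j DROP
  done
  mv "$wanted" "$STATE"; rm -f "$raw"
}

# Run from cron as root, e.g. hourly: FW_SYNC_RUN=1 /usr/local/sbin/fw-sync.sh
if [ "${FW_SYNC_RUN:-}" = "1" ]; then sync_blacklist; fi
```

Each server needs only SELECT permission on the table, so a compromised server cannot alter the list that the others pull.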
