I have been using ipset to blacklist badbots. Works like a champ!
The only problem is if I do a system reboot, I lose the ipset and the rule.
I changed /etc/sysconfig/iptables.conf to:
And followed the instructions in:
The changes are still not saved.
The rules show up in the running /etc/sysconfig/iptables but are lost on a reboot.
Also, firewalld is not installed. This is a CentOS 6.8 system.
One question: do I need to stop iptables before I add the rules? I have seen examples where sometimes they do and sometimes they don’t.