fail2ban- How to whitelist a big list of IP address to the jail.local file
My CDN provider gives me a big list of IP to whitelist, I need to add them to the line of ignoreip = in jail.local.
The list of IP address provided is line by line with one line one IP address, but the ignoreip is just one line and the instruction indicates that several addresses can be defined using space separator.
How should add this list to the line of ignoreip?
Concerns: 1. If I manually convert the list of IP address to be space separator, the line will be very long, I worry that it maybe too long and be ignored. second, manual change may make mistake and it is not easy to look at.
Is there a way that I can add it line by line to the ignoreip field in jail.local file?
Is there a way that I can put the list of IP address to be a separate file? that would be more clean.
please advise.
Thanks -David
fail2ban's ignoreip = takes space delimited CIDR blocks. CR's are ignored, but the next line has to start with a space, so you can break up a very long line as:
ignoreip = 0.0.0.0/8 10.0.0.0/8 23.135.225.0/24 23.151.160.0/24
27.123.224.0/22 27.124.64.0/20 27.126.156.0/22 36.50.0.0/16
43.225.128.0/22 43.227.184.0/22 43.228.104.0/22 43.228.164.0/22
43.228.172.0/22 43.229.16.0/22 43.231.130.0/23 43.240.52.0/22
43.240.232.0/22 23.114.97.241 8.8.8.8 1.1.1.1
note the initial space on each subsequent line after "ignoreip"