Synchronize firewall rules across multiple servers?

BlueNoteWeb (Verified User, joined Nov 4, 2004, Denton, TX)
I have several servers set up, most running DA but a few don't. All have BFD and APF installed to keep an eye out for attackers. My firewall rules are getting to be pretty huge - anyone making too many attempts to log in to any remote servers with a wrong password is blocked, as are servers attempting to relay mail through the server without a password. This has resulted in a decrease in the size of my Exim logs if nothing else.

What I would like to do is synchronize those firewall rules across all of my servers. I'm thinking a cron job on one central server that would download the firewall rules from all satellite servers, weed out duplicate entries and combine them into one big file. The satellite servers could then download the rules from the central server, and then everyone has the same list of banned IPs.

Is there something like this that already exists? I don't want to re-invent the wheel and I don't have a ton of time to spend on this, but it seems like a logical thing to do.

Of course, the better solution would be a hardware firewall placed in front of my servers. At the moment that's not logistically feasible. My servers are distributed across multiple datacenters and even within each datacenter are not physically near each other.

Thoughts? Suggestions?
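A merge step for the central server in the scheme described above, written as an added example rather than code from the thread. It assumes the satellites' APF deny lists have already been pulled into one directory as `<host>.rules` (scp/rsync over SSH), and the allowlist file is a hypothetical addition so that one false positive does not get replicated to every server and lock you out of all of them at once.

```shell
#!/bin/sh
# Added example, not code from the thread: merge the deny lists collected from
# several satellite servers into one deduplicated list for redistribution.
# Assumes the satellites' APF deny_hosts.rules files have already been copied
# into one directory as <host>.rules, one IPv4 address or CIDR block per line,
# '#' comments permitted.

# Print only well-formed IPv4 / CIDR entries from the given files, stripping
# comments and whitespace. Anything else is dropped, so a damaged or tampered
# satellite file cannot smuggle arbitrary text into the merged firewall rules.
filter_valid_ips() {
    sed 's/#.*//; s/^[[:space:]]*//; s/[[:space:]]*$//' "$@" \
    | grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$' \
    | awk -F'[./]' '$1<=255 && $2<=255 && $3<=255 && $4<=255 && ($5=="" || $5<=32)'
}

# merge_deny_lists DIR OUT [ALLOWLIST]
# Combine every DIR/*.rules file into OUT, sorted and deduplicated. Exact
# entries listed in ALLOWLIST (your own office and monitoring addresses;
# hypothetical file) are removed first, because a single false positive
# replicated everywhere would lock you out of every server at once.
# Prints the number of entries kept. Keep OUT outside DIR so the merged
# file is not read back in as a satellite list on the next run.
merge_deny_lists() {
    dir=$1; out=$2; allow=${3:-/dev/null}
    tmp=$(mktemp) || return 1
    # grep exits 1 when no line survives the allowlist; that is not an error here
    filter_valid_ips "$dir"/*.rules | sort -u | grep -vxF -f "$allow" > "$tmp" \
        || [ $? -eq 1 ]
    mv "$tmp" "$out"
    wc -l < "$out" | tr -d ' '
}
```

Satellites can then fetch the resulting file over SSH and load it with APF; the merge itself never modifies a satellite's own list in place, which keeps the per-server inputs separate from the combined output as Jeff's reply below recommends.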
 
Your suggestion sounds good to me. You'll have to figure out how to keep separate the individual files from the final one you're using, since normally they'd be one and the same, and you don't want to have to merge all the duplicates each time.

Jeff
 