I have a problem with my email server where I am getting hit by a bot out of Kiev (5.34.207.88) about once per second. In the 20yrs I've had this server I've not had an issue like this. Once blocked, they usually go away.
My comcast business class cable router doesn't have an integrated firewall as I had with ATT. My email server blocks the bot but it is slowing my email response time, filling the logs, etc. This is going on for a month or so. I tried to get comcast to block the address, sent emails to the IP networking company, etc.
My home media and cloud server (not email) runs ubuntu server 20.04. Currently it is entirely on my home 192.x.x.x network behind an ICX6610 switch. It has 4 open 1GE ports. Given this server is lightly loaded and has a bunch of open network interfaces, would I be able to use two of them for an inline firewall on my public IP address which is like 52.x.x.x?
Ideally, I would take a port off the comcast router, bring it into the ubuntu 20.04 on the 52.x.x.x network, filter the traffic, and then route it out another port to my dedicated email server.
Possible? Practical?
Thanks,
Jerry
My comcast business class cable router doesn't have an integrated firewall as I had with ATT. My email server blocks the bot but it is slowing my email response time, filling the logs, etc. This is going on for a month or so. I tried to get comcast to block the address, sent emails to the IP networking company, etc.
My home media and cloud server (not email) runs ubuntu server 20.04. Currently it is entirely on my home 192.x.x.x network behind an ICX6610 switch. It has 4 open 1GE ports. Given this server is lightly loaded and has a bunch of open network interfaces, would I be able to use two of them for an inline firewall on my public IP address which is like 52.x.x.x?
Ideally, I would take a port off the comcast router, bring it into the ubuntu 20.04 on the 52.x.x.x network, filter the traffic, and then route it out another port to my dedicated email server.
Possible? Practical?
Thanks,
Jerry