I have multiple ipsets (nearly 300) that contain lists of IP addresses I would like to drop via iptables on my CentOS server running WHM/cPanel CSF/LFD.
How best to write the rule for this to work, and does a separate rule need to be written for each ipset (or can I use one rule)?
Thanks for any help.
As noted, this question is more appropriate for Server Fault.
A quick note, assuming a set call "badguys" you could log and then DROP as follows (assuming they are treated as source addresses)
iptables -A INPUT -m set --match-set badguys src -j LOG --log-prefix "badguys "
iptables -A INPUT -m set --match-set badguys src -j DROP