bastian/deploy_home
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b4ebc4bad7c9ab18e0cca15783e4e28fdee38a96
deploy_home/ansible/roles/podman/templates/fulfillr/production.json.j2
Bastian de Byl 9d562c7188 feat: smart zomboid traffic filtering with packet-size detection 
Replace per-IP hashlimit with smarter filtering that distinguishes
legitimate players from scanner bots based on packet behavior:
- Players send varied packet sizes (53, 37, 1472 bytes)
- Scanners only send 53-byte query packets

New firewall rule chain:
- Priority 2: Mark + ACCEPT non-query packets (verifies player)
- Priority 3: ACCEPT queries from verified IPs (1 hour TTL)
- Priority 4: LOG rate-limited queries from unverified IPs
- Priority 5: DROP rate-limited queries (2 burst, then 1/hour)

Also includes:
- Fail2ban zomboid jail with tighter thresholds (5 retries/4h, 1w ban)
- Graylog streams for zomboid-connections, zomboid-ratelimit, fail2ban
- GeoIP pipeline enrichment for zomboid traffic
- Fluent-bit inputs for ratelimit logs and fail2ban events
- Remove Legendary Katana mod (Workshop 3418366499) - removed from Steam
- Bump Immich to v2.5.0
- Fix fulfillr config (nil → null)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-27 15:09:26 -05:00

37 lines
1.1 KiB
Django/Jinja
Raw Blame History

{
"snipcart_api_key": "{{ snipcart_api_key }}",
"easypost_api_key": "{{ easypost_api_key }}",
"backinstock_table": "{{ fulfillr_backinstock_table }}",
"aws": {
"access_key": "{{ fulfillr_access_key }}",
"secret_key": "{{ fulfillr_secret_key }}",
"region": "{{ fulfillr_region }}",
"bucket": "{{ fulfillr_bucket }}"
},
"tax": {
"ein": "{{ fulfillr_tax_ein }}",
"ioss": null
},
"sender_address": {
"city": "Newbury",
"country": "US",
"email": "sales@debyltech.com",
"name": "de Byl Technologies LLC",
"phone": "6034160859",
"state": "NH",
"street1": "976 Route 103",
"street2": "Unit 95",
"zip": "03255"
},
"outreach": {
"outreach_table": "debyltech-outreach-prod",
"unsubscribe_table": "debyltech-unsubscribe-prod",
"email_log_table": "debyltech-email-log-prod",
"reviews_table": "debyltech-reviews-prod",
"hmac_secret_arn": "{{ fulfillr_hmac_arn }}",
"ses_from_email": "noreply@debyltech.com",
"ses_reply_to": "support@debyltech.com",
"ses_region": "us-east-1",
"base_url": "https://debyltech.com"
}
}
Reference in New Issue View Git Blame Copy Permalink