Symptoms
When attempting to add new IPs to Imunify360's Whitelist or Blacklist, an error similar to the following is generated and the IP is not added:
Command ['/usr/sbin/ipset', 'add', 'i360.ipv4.blacklist', '208.74.123.84/32', 'timeout', '0', '-exist'] returned non-zero code 1,
Stdout: None,
Stderr: ipset v7.1: Hash is full, cannot add more elements
Description
The error occurs because the ipset list has reached its maximum number of elements. The limit is 100,000 addresses; you can confirm that it has been reached with the following command:
# ipset -L i360.ipv4.blacklist | head
Name: i360.ipv4.blacklist
Type: hash:net
Revision: 6
Header: family inet hashsize 65536 maxelem 100000 timeout 0
Size in memory: 655480
References: 1
Number of entries: 100000
Workaround
In order to add more than 100,000 addresses to an Imunify360 list, the external whitelist/blacklist management feature can be utilized. This allows up to 500,000 addresses. Note: These addresses will not show in the i360 UI.
Files with the .txt extension in the following locations will be read. Put one IP address (or network in CIDR notation) per line:
/etc/imunify360/whitelist/*.txt
/etc/imunify360/blacklist/*.txt
After creating the above files, reload the lists with the following command:
imunify360-agent reload-lists
More information can be found in the Imunify360 documentation: External Black/Whitelist Management
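A pre-flight check for the workaround above, as an added example that is not part of the original article or of Imunify360's own tooling: it detects a full set from `ipset -L` output and builds a validated, de-duplicated external list file that stays within the 500,000-address limit. It handles IPv4 only; the file names `candidates.txt` and `custom.txt`, and the skipping of `#` lines in the input, are assumptions.

```shell
#!/bin/sh
# Added example; candidates.txt and custom.txt are hypothetical file names.

# ipset_is_full: reads `ipset -L <set>` output on stdin; returns 0 when
# "Number of entries" has reached the "maxelem" value from the Header line.
ipset_is_full() {
    awk '
        /^Header:/ { for (i = 1; i < NF; i++) if ($i == "maxelem") max = $(i + 1) }
        /^Number of entries:/ { n = $NF }
        END { exit !(max != "" && n + 0 >= max + 0) }
    '
}

# build_external_list SRC DEST [LIMIT]
# Keeps only syntactically valid IPv4 addresses and CIDR ranges from SRC,
# drops duplicates, writes one entry per line to DEST and prints the count.
# Returns 2 and leaves DEST untouched if more than LIMIT entries remain.
build_external_list() {
    src=$1 dest=$2 limit=${3:-500000}
    tmp=$(mktemp) || return 1
    awk '
        { sub(/\r$/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }   # strip CR and padding
        /^$/ || /^#/ { next }                             # blank or comment line
        {
            n = split($0, p, "/")
            if (n > 2) next
            if (n == 2 && (p[2] !~ /^[0-9]+$/ || p[2] > 32)) next
            if (split(p[1], o, ".") != 4) next
            for (i = 1; i <= 4; i++) if (o[i] !~ /^[0-9]+$/ || o[i] > 255) next
            if (!seen[$0]++) print
        }
    ' "$src" > "$tmp"
    count=$(wc -l < "$tmp" | tr -d ' ')
    if [ "$count" -gt "$limit" ]; then
        rm -f "$tmp"
        return 2
    fi
    mv "$tmp" "$dest" && echo "$count"
}

# On the server (set name, directory and reload command are from the article):
#   ipset -L i360.ipv4.blacklist | ipset_is_full && echo "set is full"
#   build_external_list candidates.txt /etc/imunify360/blacklist/custom.txt
#   imunify360-agent reload-lists
```

Because the external entries do not show in the i360 UI, keep the source file under version control so there is a record of what was loaded.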