similar to: iptables: hitcount

Hello, I have well performing iptables in centos 5.2 and 5.3 : -A INPUT -m state --state NEW -m recent --update --seconds 60 --hitcount 1000 -p tcp --dport 25 -j LOG --log-prefix "FW DROP IP Flood: " Centos 5.5, updated today: Without -hitcount : iptables accept the line Including -hitcount : iptables brings an error message: Applying iptables firewall rules: iptables-restore:

Helo, we use recent to control ip traffic. kernel 2.6.18-308.13.1.el5 : all is OK kernel 2.6.18-308.16.1.el5 : the first recent statement causes an error. E.g.: iptables -A INPUT -m state --state NEW -m recent --set -p tcp --dport 80 iptables: Unknown error 18446744073709551615 The man pages say: recent is supported. CentOS 6: is OK Knows anyone more? Best regards Helmut Drodofsky -- Viele

I added these rules to IPTABLES to slow brute force attacks. iptables -A INPUT -p tcp --dport 22 -s my_subnet/24 -j ACCEPT iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 5 --rttl --name SSH -j DROP I would like log entries when connections are dropped to see

Helo, update is in EPEL repository. on startup, clamd does not further create clamd.sock and clamd.pid clamd service stops without any message - even in debug mode. It's a nightmare. Helmut -- Viele Gr??e Helmut Drodofsky Internet XS Service GmbH He?br?hlstra?e 15 70565 Stuttgart Gesch?ftsf?hrung Dr.-Ing. Roswitha Hahn-Drodofsky HRB 21091 Stuttgart USt.ID: DE190582774 Tel. 0711

Hello, all. I read this document about iptables recent module. http://blog.andrew.net.au/2005/02/16#ipt_recent_and_ssh_attacks and I would like to filter the excessive spam mail sending ip address by iptables recent module. and some questions. iptables -A INPUT -p tcp --dport 25 -m state --state NEW -m recent --set --name SPAM iptables -A INPUT -p tcp --dport 25 -m state --state NEW -m

Helmut Drodofsky wrote: > Hello, > > there is one route missing: > > 128.0.0.0/1. > Did you mean 127.0.0.0? mark > config client: > route-nopull > redirect-gateway def1 bypass-dhcp > > best regards > Helmut > > Viele Gr??e > Helmut Drodofsky > > Internet XS Service GmbH > He?br?hlstra?e 15 > 70565 Stuttgart > > Gesch?ftsf?hrung

2016-07-08 4:19 GMT+08:00 Helmut Drodofsky <drodofsky at internet-xs.de>: > Helo, > > update is in EPEL repository. > > on startup, clamd does not further create clamd.sock and clamd.pid > > clamd service stops without any message - even in debug mode. > > Comment out "AllowSupplementaryGroups" in config clamd.conf and try restart again > It's a

Hello, njab.org will discontinue blacklist services. On 1. March 2013 Apache published: Bug 6913; Disabled rules/scores for njabl.org See: http://svn.apache.org/viewvc?view=revision&revision=1451776 Will there be an update from CentOS? Best regards Helmut Drodofsky -- Viele Gr??e Helmut Drodofsky Internet XS Service GmbH He?br?hlstra?e 15 70565 Stuttgart Gesch?ftsf?hrung

Hello, because of high disk load we plan to move from disk (raid1) to ssd. Are there recommendations for - manufacturer - file sytem - raid1 The Red Hat Storage Administration Guide says: - no raid 1 - ext4 only is this state of the art? I have searched list,centos.org 2015 - nothing found. I found in the year 2012 / 2013: https://www.centos.org/forums/viewtopic.php?t=7580

Hello, I have found a lot of discussions concerning the LSI Logic scsi driver. E.g.: https://lkml.org/lkml/2010/4/26/335 https://bugzilla.kernel.org/show_bug.cgi?id=16547 http://www.redhat.com/archives/rhl-list/2007-April/msg02661.html VMware ESXI was updated on 28. April 2011. Is this bug fixed in CentOS 6? RHEL 6 beta: the bug was included so far as I have read. -- Viele Gr??e Helmut

Hello, I use procedures for backup with rsync. The data where "pulled" by the backup server. Sender: Now CentOS 5.9, receiver CentOS 6 updated on July 3. Up to yesterday it run OK. Today morning I made yum update to sender CentOS 5 Now I get rsync: connection unexpectedly closed (0 bytes received so far) [receiver] rsync error: error in rsync protocol data stream (code 12) at

Helo, this morning I have had a pop up Window in the gnome desktop, that - the esc service is stopped - I should restart the esc service or - restart the computer But there is no esc servcie in CentOS 5 ?! What to do? As far as I know, the server is ok. So I have closed the pop up. It does not come up again after later login. -- Viele Gr??e Helmut Drodofsky Internet XS Service GmbH

Helo, the solution was now found in dmesg. I/O error for the journal. dmesg was updated, /var/log/messages not. I think because of read only file system. Best regards Helmut Helo, up to 04:02 the root file system was OK. With the logrotate activities there are messages: read only. Last entry in /var/log/messages is the sendmail entry from logrotate. less /etc/mtab gives: /dev/sda1 /

Hello, now I have spent many hours to configure openswan for VPN connections without any success. My goal: VPN Server CentOS 6 with public IPv4 VPN Client (= road warrier) from private site with NAT router or from mobile cell with Linux, Windows 7, Mac, iPhone or Android Is there any how to in the net? When I read file:///usr/share/doc/openswan-doc-2.6.32/config.html then I belive, there is

Is the maximum permitted value for --hitcount documented anywhere? I reliably get a iptables-restore error when I specify a hitcount value greater than 20 but I cannot find any mention of there being a maximum value. -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB at Harte-Lyne.ca Harte & Lyne Limited

Hello, booting starts /etc/init.d/nfslock. today, rpc.statd used port 873. later starting xinetd finds port used and disabled rsync daemon. So its more or less a lucky break, to boot CentOS and have rsync running? In /etc/rc3.d is S14nfslock S56xinetd so by design xinetd starts always after nfslock!!!! Best regards -- Viele Gr??e i.V. Helmut Drodofsky ________________________________

Helo, up to 04:02 the root file system was OK. With the logrotate activities there are messages: read only. Last entry in /var/log/messages is the sendmail entry from logrotate. less /etc/mtab gives: /dev/sda1 / ext3 rw 0 0 proc /proc proc rw 0 0 sysfs /sys sysfs rw 0 0 devpts /dev/pts devpts rw,gid=5,mode=620 0 0 tmpfs /dev/shm tmpfs rw 0 0 none /proc/sys/fs/binfmt_misc binfmt_misc rw 0 0

Hello, there is one route missing: 128.0.0.0/1. config client: route-nopull redirect-gateway def1 bypass-dhcp best regards Helmut Viele Gr??e Helmut Drodofsky Internet XS Service GmbH He?br?hlstra?e 15 70565 Stuttgart Gesch?ftsf?hrung Dr.-Ing. Roswitha Hahn-Drodofsky HRB 21091 Stuttgart USt.ID: DE190582774 Tel. 0711 781941 0 Fax: 0711 781941 79 Mail: info at internet-xs.de

This was sent to me regarding the wiki. ---------- Forwarded message ---------- From: "Martin Kon??ek" <mkonicek12 at gmail.com> Date: Mar 7, 2013 4:44 AM Subject: mistake on Securing SSH To: <timothy.ty.lee at gmail.com> Cc: Hi TImothy, I saw wiki http://wiki.centos.org/HowTos/Network/SecuringSSH and it is pretty good, but there is a mistake. *Instead of having* iptables

Hello, my CentOS 6.2 server sends the daily messages correct e.g. today at Feb 1 03:31:14 At the beginning of work hours (9:00 am local time): Feb 1 10:06:17 server postfix/sendmail[27125]: fatal: chdir /var/spool/postfix: Permission denied Solution: restorecon -R /var/spool/postfix/ Afterwards, postfix is OK again. My own cron jobs will be run latest 1 am What daily cron job destroys