Displaying 1 result from an estimated 1 matches for "drop_interval_days".
2003 Jul 16
6
HOWTO: Temporary dynamic blocking with Shorewall and Portsentry
...this is not a
# common form of usage.
#
# Experience shows that most attacks come from dial-up IP addresses, so
# blocking them permanently gives no real benefit, and removing them
# keeps our blocking table from becoming huge.
# Set appropriate variables (easy to customize on different systems).
DROP_INTERVAL_DAYS=5
HOSTNAME="Apollo"
NOTIFY_EMAIL="rpaiz@simpaticus.com"
# Get the attacker''s IP address and probed port from the command
# parameters. DO NOT CHANGE THIS!
BAD_IP=$1
BAD_PORT=$2
# Block the bad guy.
/sbin/shorewall drop $1
# Unblock him X days after midnight tonight....