search for: droplog

...T) target prot opt source destination REDIRECT tcp -- 0.0.0.0/0 !10.183.4.2 tcp dpt:80 redir ports 3128 This rule was created with: iptables -t nat -A PREROUTING -d ! 10.183.4.2 -p tcp --dport www -j REDIRECT --to-port 3128 For loggin purposes: iptables -N droplog iptables -A droplog -j ULOG --ulog-prefix Dropado --ulog-nlgroup 6 After the firewall rules, there is a final one: iptables -A FORWARD -j droplog Transparent proxy is working most of the time, but sometimes this shows on log: Apr 24 10:18:10 proxy: Dropado IN=eth0 OUT=eth1 SRC=10.183.4.37 DST=200...

...OP iptables -t filter -A INPUT -i $EXT_IFACE -p tcp \ -d $IP --dport http -m string \ --string ".exe?/c+tftp" -j DROP iptables can detect and block inbound port scans with the following rule: # DROP inbound port scans iptables -t nat -A PREROUTING -i $EXT_IFACE \ -d $IP -m psd -j DROPLOG use iptables to limit new inbound TCP packets to prevent a Denial of Service attack. This is accomplished with the following rules: # Create syn-flood chain for detecting # Denial of Service attacks iptables -t nat -N syn-flood # Limit 12 connections per second (burst to 24) iptables -t nat -A...