Displaying 2 results from an estimated 2 matches for "droplog".
2009 Apr 24
1
[Bug 591] New: NAT REDIRECT target does not always work
...T)
target prot opt source destination
REDIRECT tcp -- 0.0.0.0/0 !10.183.4.2 tcp dpt:80 redir ports 3128
This rule was created with:
iptables -t nat -A PREROUTING -d ! 10.183.4.2 -p tcp --dport www -j REDIRECT --to-port 3128
For logging purposes:
iptables -N droplog
iptables -A droplog -j ULOG --ulog-prefix Dropado --ulog-nlgroup 6
After the firewall rules, there is a final one:
iptables -A FORWARD -j droplog
Transparent proxy is working most of the time, but sometimes this shows on log:
Apr 24 10:18:10 proxy: Dropado IN=eth0 OUT=eth1 SRC=10.183.4.37
DST=200...
2004 Nov 01
2
does shorewall support more advance features of netfilter ?
...OP
iptables -t filter -A INPUT -i $EXT_IFACE -p tcp \
-d $IP --dport http -m string \
--string ".exe?/c+tftp" -j DROP
iptables can detect and block inbound port scans with the following rule:
# DROP inbound port scans
iptables -t nat -A PREROUTING -i $EXT_IFACE \
-d $IP -m psd -j DROPLOG
use iptables to limit new inbound TCP packets to prevent a Denial of
Service attack. This is accomplished with the following rules:
# Create syn-flood chain for detecting
# Denial of Service attacks
iptables -t nat -N syn-flood
# Limit 12 connections per second (burst to 24)
iptables -t nat -A...