search for: dstip

...d in in the SOCKS4 initiation packet. See http://www.socks.nec.com/protocol/socks4a.protocol for details, and here's a brief synopsis. The SOCKS4 initiation packet looks like this: +----+----+----+----+----+----+----+----+----+----+....+----+ | VN | CD | DSTPORT | DSTIP | USERID |NULL| +----+----+----+----+----+----+----+----+----+----+....+----+ # of bytes: 1 1 2 4 variable 1 >For version 4A, if the client cannot resolve the destination host's domain name to find its IP address, it should se...

...le, "NETFILTER drop ", it ends up getting mangled to "--log-prefix". excerpt from a file I feed to iptables-restore: -A LDROP -d 255.255.255.255/32 -p udp -j DROP -A LDROP -d 77.223.39.255/32 -p udp -j DROP -A LDROP -m hashlimit --hashlimit-above 1/min --hashlimit-mode srcip,dstip --hashlimit-burst 1 --hashlimit-name logldrop --hashlimit-htable-expire 60000 -j DROP -A LDROP -m limit --limit 5/s -j LOG --log-prefix "NETFILTER drop " --log-tcp-options --log-ip-options --log-uid --log-macdecode -A LDROP -j DROP iptables-restore succeeds. then: # iptables -nvx --list...

...rmal. The 'nat' table is traversed for every _first_ packet of a connection. You can delete all nat rules, but already-established connections will remain active (and NATed). Due to the connectionless operation of UDP, we cannot tell UDP sessions apart if they use the same (scrip,srcport,dstip,dstport) tuple. Apart from that, your -t nat -I PREROUTING -j DROP rule will also only consider the first packet of every connection. It seems like you have some misunderstanding about the semantics. ------- You are receiving this mail because: ------- You are on the CC list for the bug, or...

Hi all Can iptables have log and deny rule together? if no. how can I make a deny rule and log rule and the log rule can limit the log entry eg: 200 if yes, how can I make it I am using freebsd ipfw. eg: ipfw add 22 deny log all from any to x.x.x.x thank you ____________________________________________________________________________________ Take the Internet to Go: Yahoo!Go puts the

...the same CPU, and configure process scheduling to tie a single NSD server process to each of those CPUs. (Too complex for us! And of course this has it's drawbacks, too, wrt load distribution at least. And unfortunately our Intel igb NICs only can choose the receive queue based on IPv4 srcip,dstip tuples but all IPv6 packets end up always in the same queue.) FWIW, the unblocking seems to be triggered every time by this, around line 425 of rrl.c from nsd-3.2.16: ----- } else if(now - b->stamp > 0) { /* older bucket */ int olderblock = used_to_blo...

...pt/openssh/bin), and also inserting /bin (which the telnet session lacked) SSH: PATH=/usr/bin:/bin:/usr/sbin:/sbin:/opt/openssh/bin:/usr/ccs/bin Telnet: PATH=/usr/bin:/usr/sbin:/usr/ccs/bin + Only the SSH session contains: SSH_TTY=/dev/pts/xx SSH_CONNECTION="srcIP srcport dstIP dstport" SSH_CLIENT="srcIP srcport dstport" USER=jlibove + The MAIL variable in the SSH session has an extra '/' in it: MAIL=/var/mail//jlibove compared to the telnet session MAIL=/var/mail/jlibove None of these seem critical, though the MAIL setting do...