search for: dstports

Displaying 16 results from an estimated 16 matches for "dstports".

Did you mean: dstport
2005 Jun 01
2
TC Filtering Problems
Dear Admins and Hackers, maybe i am to stupid to use ''tc''. But i having logical Problems to understand the Filter Rules in tc. Common Config: There is a Linux Engine (Debian) with a 2.6.11.11 Kernel which act as Packetshaper. Two Interfaces eth0 and eth1 are installed. Interface ''eth0'' is the Firewall Side Net 195.185.185.0/24. Interface
2020 Jan 01
2
Passing multiple addresses with masks to nwfilter
Hello, I have a nwfilter that I'm using to ensure that libvirt domains can't spoof IPv6 traffic. It looks like this: <filter name='no-ipv6-spoofing' chain='ipv6-ip' priority='-710'> <rule action='return' direction='out' priority='500'> <ipv6 srcipaddr='$IPV6' srcipmask='$IPV6MASK'/> </rule>
2015 Oct 13
2
UEFI: Failed to load ldlinux.e64/ldlinux.e32
On Sun, Oct 11, 2015 at 3:15 PM, Michael Glasgow <glasgow at beer.net> wrote: > I'm not sure what the decaying i/o issue looks like. It's a bit > slow loading the initrd, but I think the efi drivers are just slow > in general. Just in case, I went ahead and did a capture on the > g18 patch loading OL 7.1, which you can grab from here: > >
2020 Jan 01
0
Re: Passing multiple addresses with masks to nwfilter
...priority='500'> <ipv6 srcipaddr='$IPV6[@1]' srcipmask='$IPV6_MASK[@1]'/> </rule> <rule action='drop' direction='out' priority='1000'/> </filter> The documentation reads: Assign concrete values to SRCIPADDRESSES and DSTPORTS as shown: SRCIPADDRESSES = [ 10.0.0.1, 11.1.2.3 ] DSTPORTS = [ 80, 8080 ] But I'm not sure how to pass through an array of <parameter>s in the filterref. Is this possible? On Wed, Jan 1, 2020 at 12:39 PM Brooks Swinnerton <bswinnerton at gmail.com> wrote: > Hello, > &gt...
2018 Jul 26
1
[Bug 1273] New: hashlimit never appears to fail to match under 4.9.x
https://bugzilla.netfilter.org/show_bug.cgi?id=1273 Bug ID: 1273 Summary: hashlimit never appears to fail to match under 4.9.x Product: netfilter/iptables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: major Priority: P5 Component: ip_tables (kernel)
2002 May 10
1
Patch for SOCKS4A in OpenSsh
I love SSH's ability to dynamically forward ports using SOCKS (either -D or DynamicForward) (ie "ssh -D 1081 private.mine.net"). But the thing that has caused me some pain, is that only SOCKS4 is supported. The SOCKS4 proxy specification does not permit hostnames, but only IP addresses. This isn't much of a problem if the target host is a public Internet host or otherwise DNS
2015 Oct 25
1
UEFI: Failed to load ldlinux.e64/ldlinux.e32
On Sun, Oct 25, 2015 at 6:31 AM, Geert Stappers via Syslinux <syslinux at zytor.com> wrote: > On Mon, Oct 12, 2015 at 08:44:18PM -0400, Gene Cumm via Syslinux wrote: >> On Sun, Oct 11, 2015 at 3:15 PM, Michael Glasgow <glasgow at beer.net> wrote: >> >> > I'm not sure what the decaying i/o issue looks like. It's a bit >> > slow loading the
2003 Apr 08
2
OpenSSH 3.6.1p1 on NCR MP-RAS v4.3, several weird terminal problems
I compiled OpenSSH 3.6.1p1 on NCR MP-RAS v4.3 (or at least "uname -a"'s output of 4.0.3.0 suggests v4.3, I'm not positive). I was able to compile zlib (1.1.4) and openssl (0.9.7a) with little trouble. OpenSSH took hand-hacking the includes.h file as follows: diff -cr openssh-3.6.1p1/includes.h openssh-3.6.1p1-customized/includes.h *** openssh-3.6.1p1/includes.h Sun Oct 20
2011 Mar 03
2
[Bug 706] Iptables randomly reject some packets that have accept rule
http://bugzilla.netfilter.org/show_bug.cgi?id=706 Jan Engelhardt <jengelh at medozas.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jengelh at medozas.de --- Comment #1 from Jan Engelhardt <jengelh at medozas.de> 2011-03-03 14:20:30
2019 Sep 03
1
Sporadic duplicate requests with lpxelinux.0
Hello, I am seeing sporadic duplicate read requests from lpxelinux.0 (6.03 from kernel.org), which results in a failed PXE boot. This happens only sporadic, but happens often enough to be annoying. The TFTP server serving lpxelinux.0 is running CentOS 7.6 with all updates applied. The client machine initiates the PXE boot, receives the lpxelinux.0 binary, downloads ldlinux.c32 and proceeds to
2015 Oct 25
0
UEFI: Failed to load ldlinux.e64/ldlinux.e32
On Mon, Oct 12, 2015 at 08:44:18PM -0400, Gene Cumm via Syslinux wrote: > On Sun, Oct 11, 2015 at 3:15 PM, Michael Glasgow <glasgow at beer.net> wrote: > > > I'm not sure what the decaying i/o issue looks like. It's a bit > > slow loading the initrd, but I think the efi drivers are just slow > > in general. Just in case, I went ahead and did a capture on
2007 Apr 08
2
IP Tables block for POP3 attacks with Dovecot
Has anyone implemented a script to block IPs which are attacking on POP3 ports using dovecot logs to indicate repetitive failed login attempts? sshblack does this nicely for ssh (port 22) attacks by monitoring the /var/log/secure file. I am considering rewriting this to POP3 port (110), but if it has already been done, I sure don't need the practice. Thanks!
2003 Apr 14
0
[Bug 77] a bug in the chain PREROUTING of the table nat
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=77 laforge@netfilter.org changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|critical |trivial Status|NEW |RESOLVED Resolution|
2000 Nov 24
2
Getting the authctxt
My port forwarding changes require an authorization (authentication) context in channel_connect_to(). I'd like to change the dispatch_* functions so that they accept an Authctxt * instead of a void * (this parameter is already used this way). In addition, I'd have to pass the authctxt all the way down to channel_connect_to(). As a side effect, it's possible to get rid of the global
2017 Feb 03
4
[Bug 1117] New: Table ipv4-nat prerouting dnat doesn't accept dest IP:PORT
https://bugzilla.netfilter.org/show_bug.cgi?id=1117 Bug ID: 1117 Summary: Table ipv4-nat prerouting dnat doesn't accept dest IP:PORT Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: enhancement Priority: P5 Component: nft
2015 Oct 11
4
UEFI: Failed to load ldlinux.e64/ldlinux.e32
On Oct 11, 2015 1:26 AM, "Michael Glasgow" <glasgow at beer.net> wrote: > > Gene Cumm wrote: > > >> My test x86-64 binaries: > > >> > > >> https://sites.google.com/site/genecsyslinux/sl604p0g17-x64.tgz?attredirects=0&d=1 > > > > On Fri, Oct 2, 2015 at 4:46 PM, Derrick M <derrick.martinez at gmail.com> wrote: > >