Displaying 9 results from an estimated 9 matches for "log_rule_limit".
2004 Feb 10
22
Re: [Shorewall-newbies] specific log-prefix ... patch
Let''s move this to the Shorewall Development list....
On Tuesday 10 February 2004 03:14 pm, xavier wrote:
> here is a patch to allow this :
> |ACCEPT<10/sec:20>:debug fw lan:$ntp_servers udp 123 - - - - ntp
>
> a problem with the patch is that now the logprefix is mandatory.
> i''m trying to debug it, but i can''t find the flaw.
Also, with
2004 Jul 15
3
slight simplification to firewall log_rule_limit code
I think you can change the existing firewall logging code for
log_rule_limit (where you have one case for for LOGRULENUMBERS and
another almost identical case without) down to this slightly shorter
version with no duplication (excerpt):
if [ -n "$LOGRULENUMBERS" ]; then
eval rulenum=\$${chain}_logrules
[ -z "$rulenum" ] && ru...
2005 Mar 01
1
Logging patch
Hi,
I''ve attached a patch which fixes a logging problem with
log_rule_limit in custom actions. E.g. this action:
,----[ Whitelist ]
| if [ -n "$LEVEL" ]; then
| run_iptables -N ${CHAIN}Add
| log_rule_limit $LEVEL ${CHAIN}Add WhitelistAdd DROP "$LOG_LIMIT" $TAG
| run_iptables -A ${CHAIN}Add -j DROP
| run_iptables -N ${CHAIN}Del
| lo...
2005 May 12
12
New Article at Shorewall.net
This article describes how to implement "Port Knocking" in Shorewall.
http://shorewall.net/PortKnocking.html
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
2008 Jun 18
8
Expanding SSHKnock shell script, a few questions please
...figured out, but since it''s a live firewall, I don''t want to start mucking with it (and no I''m not really using port 1600 for the knock, I did change it!).
I think this is what I need, did I get it right?
/etc/shorewall/SSHKnock
if [ -n "$LEVEL" ]; then
log_rule_limit $LEVEL $CHAIN SSHKnock ACCEPT "" "$TAG" -A -p tcp --dport 22 -m recent --rcheck --name SSH
log_rule_limit $LEVEL $CHAIN SSHKnock ACCEPT "" "$TAG" -A -p tcp --dport 2222 -m recent --rcheck --name SSH
log_rule_limit $LEVEL $CHAIN SSHKnock DROP &qu...
2003 Oct 08
2
Problem with /bin/ash
...yn
+ find_file newnotsyn
+ [ -n -a -f /newnotsyn ]
+ echo /etc/shorewall/newnotsyn
+ local user_exit=/etc/shorewall/newnotsyn
+ [ -f /etc/shorewall/newnotsyn ]
+ [ -n info ]
+ log_rule info newnotsyn DROP
+ local level=info
+ local chain=newnotsyn
+ local disposition=DROP
+ shift
+ shift
+ shift
+ log_rule_limit info newnotsyn DROP --match limit --limit 1/second \
--limit-burst 60
+ local level=info
+ local chain=newnotsyn
+ local disposition=DROP
+ local rulenum=
+ local limit=--match limit --limit 1/second --limit-burst 60
local: --limit: bad variable name
+ shift
+ shift
+ shift
+ shift
+ [ -n ]
+ eval...
2005 Feb 23
9
shorewall friendly way of limiting ssh brute force attacks?
I was wondering if anyone had implemented rules like this in shorewall:
http://blog.andrew.net.au/tech
I see tons of brute force attempts on the machines I administer, and I like
the idea of limiting them without the need for extra daemons scanning for
attacks.
Thanks,
Dale
--
Dale E. Martin - dale@the-martins.org
http://the-martins.org/~dmartin
2013 Aug 31
23
ERROR: Log level INFO requires LOG Target in your kernel and iptables
Hi,
I have 2 Debian testing boxes running a very similar setup (both running
the latest aptosid kernel); on one of them, since the
iptables/libxtables10 packages have been upgraded from 1.4.19.1-1 to
1.4.20-2, shorewall-init can''t start shorewall anymore and for this
reason ifupdown also fails triggering firewall up.
Shorewall can be successfully started later on, and ifupdown starts
2005 Feb 01
4
Shorewall problem
I am getting the following message when Shorewall stops can anybody shed
any light on this message and where I should be looking? Thanks
root@bobshost:~# shorewall stop
Loading /usr/share/shorewall/functions...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
Loading Modules...
Stopping Shorewall...Processing /etc/shorewall/stop ...
IP Forwarding Enabled