search for: xt_recent

...Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: enhancement Priority: P5 Component: default Assignee: netfilter-buglog at lists.netfilter.org Reporter: murf at parsetree.com I measure the xt_recent hash table's speed to enter an ip into the hash, and compared with ipset add speed. recent, via this method: echo +<addr> >/proc/net/xt_recent/DEFAULT is 13 times faster than ipset add <addr> Now, ipset has these advantages against recent: recent has size limits you must defi...

...WqDOb) entering forwarding state 2011-10-24 19:34:40 [ 318.675038] br0: port 2(veth2WqDOb) entering disabled state 2011-10-24 19:34:40 [ 318.703903] ------------[ cut here ]------------ 2011-10-24 19:34:40 [ 318.703960] kernel BUG at /build/buildd/linux-lts-backport-maverick-2.6.35/net/netfilter/xt_recent.c:609! 2011-10-24 19:34:40 [ 318.704017] invalid opcode: 0000 [#1] SMP 2011-10-24 19:34:40 [ 318.704137] last sysfs file: /sys/devices/system/cpu/cpu3/cache/index1/shared_cpu_map 2011-10-24 19:34:40 [ 318.704189] CPU 3 2011-10-24 19:34:40 [ 318.704231] Modules linked in: xt_recent veth btrfs...

...27864 2 ip6table_filter,xt_TPROXY iptable_filter 12810 1 ip_tables 27473 4 iptable_raw,iptable_nat,iptable_mangle,iptable_filter x_tables 29891 52 ebt_arp,ebt_ip,ip6table_filter,ebtables,xt_time,xt_connlimit,xt_realm,xt_addrtype,iptable_raw,xt_comment,xt_recent,xt_policy,ipt_ULOG,ipt_REJECT,ipt_REDIRECT,ipt_NETMAP,ipt_MASQUERADE,ipt_ECN,ipt_ecn,ipt_CLUSTERIP,ipt_ah,xt_set,xt_TPROXY,ip6_tables,xt_tcpmss,xt_pkttype,xt_physdev,xt_owner,xt_NFQUEUE,xt_NFLOG,xt_multiport,xt_mark,xt_mac,xt_limit,xt_length,xt_iprange,xt_helper,xt_hashlimit,xt_DSCP,xt_dscp,xt_dccp...

...dules linked in: raid456 async_raid6_recov async_memcpy async_pq async_xor xor async_tx raid6_pq act_police cls_basic cls_flow cls_fw cls_u32 sch_tbf sch_prio sch_htb sch_hfsc sch_ingress sch_sfq xt_CHECKSUM ipt_rpfilter xt_statistic xt_CT xt_LOG xt_time xt_connlimit xt_realm xt_addrtype xt_comment xt_recent xt_policy xt_nat ipt_ULOG ipt_REJECT ipt_MASQUERADE ipt_ECN ipt_CLUSTERIP ipt_ah xt_set ip_set nf_nat _tftp nf_nat_snmp_basic nf_conntrack_snmp nf_nat_sip nf_nat_pptp nf_nat_proto_gre nf_nat_irc nf_nat_h323 nf_nat_ftp nf_conntrack_tftp nf_conntrack_sip nf_conntrack_proto_udplite nf_conntrack_proto_...

Dave McGuire writes: >> http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets >> >> then setup fail2ban to manage extrafields > > Now that's a very interesting idea, thank you! I will investigate this. If you don't expect yor firewall to handle 45K+ IPs, I'm not how you expect dovecot will handle a comma separated string with 45K+ entries any

...next=ffff8803f611fa68). Jan 30 09:46:13 qb-storage kernel: Modules linked in: nfsd lockd nfs_acl auth_rpcgss sunrpc act_police cls_basic cls_flow cls_fw cls_u32 sch_tbf sch_prio sch_htb sch_hfsc sch_ingress sch_sfq bridge stp llc xt_statistic xt_time xt_connlimit xt_realm iptable_raw xt_comment xt_recent xt_policy ipt_ULOG ipt_REJECT ipt_REDIRECT ipt_NETMAP ipt_MASQUERADE ipt_ECN ipt_ecn ipt_CLUSTERIP ipt_ah ipt_addrtype xt_set ip_set nf_nat_tftp nf_nat_snmp_basic nf_conntrack_snmp nf_nat_sip nf_nat_pptp nf_nat_proto_gre nf_nat_irc nf_nat_h323 nf_nat_ftp nf_nat_amanda ts_kmp nf_conntrack_amanda...

https://bugs.freedesktop.org/show_bug.cgi?id=75569 Priority: medium Bug ID: 75569 Assignee: nouveau at lists.freedesktop.org Summary: [nv34] [v3.14-rc3] DMA_PUSHER get 0x00029044 put 0x000184d0 state 0x80000040 (err: INVALID_CMD) push 0x00000000 QA Contact: xorg-team at lists.x.org Severity:

...gt;> iptable_filter 12810 1 >> ip_tables 27473 4 >> iptable_raw,iptable_nat,iptable_mangle,iptable_filter >> x_tables 29891 52 >> ebt_arp,ebt_ip,ip6table_filter,ebtables,xt_time,xt_connlimit,xt_realm,xt_addrtype,iptable_raw,xt_comment,xt_recent,xt_policy,ipt_ULOG,ipt_REJECT,ipt_REDIRECT,ipt_NETMAP,ipt_MASQUERADE,ipt_ECN,ipt_ecn,ipt_CLUSTERIP,ipt_ah,xt_set,xt_TPROXY,ip6_tables,xt_tcpmss,xt_pkttype,xt_physdev,xt_owner,xt_NFQUEUE,xt_NFLOG,xt_multiport,xt_mark,xt_mac,xt_limit,xt_length,xt_iprange,xt_helper,xt_hashlimit,xt_DSCP,xt_dscp,xt_dccp...

...haps" go this way https://sys4.de/de/blog/2014/03/27/fighting-smtp-auth-brute-force-attacks/ https://sys4.de/de/blog/2012/12/28/botnets-mit-rsyslog-und-iptables-recent-modul-abwehren/ 45K+ IPs will work in a recent table i have them too but for smtp only like echo 10000000 > /sys/module/xt_recent/parameters/ip_list_tot combine with geoip might be a good idea too is ultra faster then fail2ban cause no log file parsing is needed or an other idea you might test, configure a syslog filter pumping in a recent table the direct way Best Regards MfG Robert Schetterer -- [*] sys4 AG http://s...

...e_filter,xt_TPROXY > iptable_filter 12810 1 > ip_tables 27473 4 > iptable_raw,iptable_nat,iptable_mangle,iptable_filter > x_tables 29891 52 > ebt_arp,ebt_ip,ip6table_filter,ebtables,xt_time,xt_connlimit,xt_realm,xt_addrtype,iptable_raw,xt_comment,xt_recent,xt_policy,ipt_ULOG,ipt_REJECT,ipt_REDIRECT,ipt_NETMAP,ipt_MASQUERADE,ipt_ECN,ipt_ecn,ipt_CLUSTERIP,ipt_ah,xt_set,xt_TPROXY,ip6_tables,xt_tcpmss,xt_pkttype,xt_physdev,xt_owner,xt_NFQUEUE,xt_NFLOG,xt_multiport,xt_mark,xt_mac,xt_limit,xt_length,xt_iprange,xt_helper,xt_hashlimit,xt_DSCP,xt_dscp,xt_dccp...

...:07:15 localhost kernel: Hardware name: Feb 1 04:07:15 localhost kernel: NETDEV WATCHDOG: eth0 (r8169): transmit queue 0 timed out Feb 1 04:07:15 localhost kernel: Modules linked in: tcp_diag inet_diag bluetooth rfkill bnx2fc fcoe libfcoe libfc 8021q scsi_transport_fc garp scsi_tgt stp llc sunrpc xt_recent xt_state xt_multiport iptable_filter ipt_REDIRECT ipt_MASQUERADE iptable_nat nf_nat nf_conntrack_ipv4 iptable_raw xt_MARK xt_socket nf_conntrack nf_defrag_ipv4 ip6_tables nf_defrag_ipv6 iptable_mangle ip_tables ext2 ppdev parport_pc parport serio_raw sg i2c_i801 snd_hda_codec_realtek snd_hda_intel...

...sys4.de/de/blog/2014/03/27/fighting-smtp-auth-brute-force-attacks/ > > https://sys4.de/de/blog/2012/12/28/botnets-mit-rsyslog-und-iptables-recent-modul-abwehren/ > > 45K+ IPs will work in a recent table > i have them too but for smtp only like > > echo 10000000 > /sys/module/xt_recent/parameters/ip_list_tot > > combine with geoip might be a good idea too > > is ultra faster then fail2ban cause no log file parsing is needed > > or an other idea > you might test, configure a syslog filter pumping in a recent table the > direct way that is all nice but the...

...filter 12810 1 >>> ip_tables 27473 4 >>> iptable_raw,iptable_nat,iptable_mangle,iptable_filter >>> x_tables 29891 52 >>> ebt_arp,ebt_ip,ip6table_filter,ebtables,xt_time,xt_connlimit,xt_realm,xt_addrtype,iptable_raw,xt_comment,xt_recent,xt_policy,ipt_ULOG,ipt_REJECT,ipt_REDIRECT,ipt_NETMAP,ipt_MASQUERADE,ipt_ECN,ipt_ecn,ipt_CLUSTERIP,ipt_ah,xt_set,xt_TPROXY,ip6_tables,xt_tcpmss,xt_pkttype,xt_physdev,xt_owner,xt_NFQUEUE,xt_NFLOG,xt_multiport,xt_mark,xt_mac,xt_limit,xt_length,xt_iprange,xt_helper,xt_hashlimit,xt_DSCP,xt_dscp,xt_dccp...

...] Oops: 0000 [#1] PREEMPT SMP [ 2643.920487] Modules linked in: act_police cls_basic cls_flow cls_fw cls_u32 sch_fq_codel sch_tbf sch_prio sch_htb sch_hfsc sch_sfq arptable_filter arp_tables xt_CHECKSUM ipt_rpfilter xt_geoip(O) xt_statistic xt_CT xt_LOG xt_connlimit xt_realm xt_addrtype xt_comment xt_recent ipt_ULOG ipt_MASQUERADE ipt_ECN ipt_CLUSTERIP ipt_ah xt_set nf_nat_tftp nf_nat_snmp_basic nf_conntrack_snmp nf_nat_sip nf_nat_pptp nf_nat_proto_gre nf_nat_irc nf_nat_h323 nf_nat_ftp nf_nat_amanda ts_kmp nf_conntrack_amanda nf_conntrack_sane nf_conntrack_tftp nf_conntrack_sip nf_conntrack_proto_udpl...

after having my own dnsbl feeded by a honeypot and even mod_security supports it for webservers i think dovecot sould support the same to prevent dictionary attacks from known bad hosts, in our case that blacklist is 100% trustable and blocks before SMTP-Auth while normal RBL's are after SASL i admit that i am not a C/C++-programmer, but i think doing the DNS request and in case it has a

...fs/btrfs/inode.c:806! Aug 4 02:26:06 rohan kernel: [ 3878.947216] invalid opcode: 0000 [#1] SMP Aug 4 02:26:06 rohan kernel: [ 3878.947238] CPU 1 Aug 4 02:26:06 rohan kernel: [ 3878.947248] Modules linked in: btrfs zlib_deflate libcrc32c pci_stub vboxpci(O) vboxnetadp(O) vboxnetflt(O) vboxdrv(O) xt_recent xt_state xt_tcpudp iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack nf_defrag_ipv4 iptable_filter ip_tables x_tables rfcomm bnep bluetooth parport_pc ppdev binfmt_misc dm_crypt snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq s...

...t;ffffffffa0426b19>] nouveau_fence_wait_uevent.isra.5+0x19/0x450 [nouveau] [56953.400984] PGD d1cf2067 PUD d2ac8067 PMD 0 [56953.400998] Oops: 0000 [#1] PREEMPT SMP [56953.401010] Modules linked in: xt_CHECKSUM ipt_rpfilter xt_statistic xt_CT xt_LOG xt_connlimit xt_realm xt_addrtype xt_comment xt_recent xt_nat ipt_ULOG ipt_REJECT ipt_MASQUERADE ipt_ECN ipt_ah xt_set ip_set nf_nat_tftp nf_nat_sip nf_nat_pptp nf_nat_proto_gre nf_nat_irc nf_nat_h323 nf_nat_ftp nf_nat_amanda ts_kmp nf_conntrack_amanda nf_conntrack_sane nf_conntrack_tftp nf_conntrack_sip nf_conntrack_proto_udplite nf_conntrack_proto_sc...

http://bugzilla.netfilter.org/show_bug.cgi?id=765 Summary: Netfilter crash on bridged/TAP device on 2.6.38 & 3.0 kernels Product: netfilter/iptables Version: linux-2.6.x Platform: x86_64 OS/Version: Ubuntu Status: NEW Severity: major Priority: P2 Component: bridging

...al (15): Merge branch 'stable-1.4.20' iptables.8: --policy is either ACCEPT or DROP extensions: libxt_connlabel: do not open config file from _init hook man: string: document icase tests: split into family and table specific files tests: add test case for xt_recent regression extensions: remove MIRROR extensions: remove SAME target extensions: remove 'unclean' match extensions: add more test cases for iptables-test.py extensions: SNPT,DNPT: fix save/print output extensions/libxt_recent.t: add test case for 3.19 regr...

https://bugs.freedesktop.org/show_bug.cgi?id=108857 Bug ID: 108857 Summary: display becomes unresponsive and keyboard input fails Product: xorg Version: unspecified Hardware: x86-64 (AMD64) OS: Linux (All) Status: NEW Severity: major Priority: medium Component: Driver/nouveau