Hello, I think that I can not block a IP for X seconds with Shorewall. Only (drop and allow). Any way? Any plan for future ? -- -- -- Publicidad y Servicios http://www.pas-world.com Tienda http://informatica.precioventa.com ------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p
Developer wrote:> Hello, > I think that I can not block a IP for X seconds with Shorewall. Only > (drop and allow). > Any way? Any plan for future ?No way. No plans. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p
Tom Eastep wrote:> Developer wrote: >> Hello, >> I think that I can not block a IP for X seconds with Shorewall. Only >> (drop and allow). >> Any way? Any plan for future ? > > No way. No plans.Actually, you might be able to create an iptree ipset and add the set to the static blacklist. You can then add addresses with timeout to the ipset using the ''ipset'' utility. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p
Can Postysentry do this? I tried a long time ago... Worked to prevent portscans. [ ]''s On Wed, Apr 15, 2009 at 21:16, Tom Eastep <teastep@shorewall.net> wrote:> Tom Eastep wrote: > > Developer wrote: > >> Hello, > >> I think that I can not block a IP for X seconds with Shorewall. Only > >> (drop and allow). > >> Any way? Any plan for future ? > > > > No way. No plans. > > Actually, you might be able to create an iptree ipset and add the set to > the static blacklist. You can then add addresses with timeout to the > ipset using the ''ipset'' utility. > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > > ------------------------------------------------------------------------------ > Stay on top of everything new and different, both inside and > around Java (TM) technology - register by April 22, and save > $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. > 300 plus technical and hands-on sessions. Register today. > Use priority code J9JMT32. http://p.sf.net/sfu/p > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >-- Bruno Ayub. ------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p
Bruno Ayub wrote:> Can Postysentry do this? I tried a long time ago... Worked to prevent > portscans.Portsentry questions are probably best asked on a Portsentry list. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p
i have been using fail2ban for abt 2 months now for this purpose. works very well , no problems with shorewall. ________________________________ From: Bruno Ayub <bruno.ayub@gmail.com> To: Shorewall Users <shorewall-users@lists.sourceforge.net> Sent: Thursday, April 16, 2009 9:39:58 AM Subject: Re: [Shorewall-users] Dynamic blacklist and Time Can Postysentry do this? I tried a long time ago... Worked to prevent portscans. [ ]''s On Wed, Apr 15, 2009 at 21:16, Tom Eastep <teastep@shorewall.net> wrote: Tom Eastep wrote:> Developer wrote: >> Hello, >> I think that I can not block a IP for X seconds with Shorewall. Only >> (drop and allow). >> Any way? Any plan for future ? > > No way. No plans.Actually, you might be able to create an iptree ipset and add the set to the static blacklist. You can then add addresses with timeout to the ipset using the ''ipset'' utility. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users -- Bruno Ayub. ------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p