On 10/9/2013 7:01 PM, Kilburn Abrahams wrote:> Hi,
>
> 1. Would it be possible to specific ports in dymanic blacklisting, like
> shorewall drop x.x.x.x 25,22
It''s not currently possible and I have no plans to implement such a
thing. If you want to specify protocols and ports, use the blrules file
and do a ''shorewall refresh''.
>
> 2. What would happen if you implement a dynamic blacklisting save and
> put the entry into blrules file then restart shorewall. How does
> shorewall handle the duplicate.
>
You will end up with two rules for the same address; one on the
''dynamic'' chain and one in the appropriate zone-to-zone
blacklist chains.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60134071&iu=/4140/ostg.clktrk