Displaying 20 results from an estimated 6000 matches similar to: "centos 5.5: iptables: module recent"
2012 Jun 11
1
iptables: hitcount
Hello,
up to CentOS 5.3 it was possible, to control new ip connections by
"recent", "seconds" and "hitcount"
-A INPUT -m state --state NEW -m recent --set -p tcp --dport 80
-A INPUT -m state --state NEW -m recent --update --seconds 60 --hitcount
1000 -p tcp --dport 80 -j LOG --log-prefix "FW DROP IP Flood: "
-A INPUT -p tcp -m tcp --dport 80 -m state
2009 Aug 16
1
to filter dos ip using iptables recent
Hello, all.
I read this document about iptables recent module.
http://blog.andrew.net.au/2005/02/16#ipt_recent_and_ssh_attacks
and I would like to filter the excessive spam mail sending ip address by iptables recent module.
and some questions.
iptables -A INPUT -p tcp --dport 25 -m state --state NEW -m recent --set --name SPAM
iptables -A INPUT -p tcp --dport 25 -m state --state NEW -m
2012 Nov 09
1
iptables: recent nolonger supported in Centos 5.8?!
Helo,
we use recent to control ip traffic.
kernel 2.6.18-308.13.1.el5 : all is OK
kernel 2.6.18-308.16.1.el5 : the first recent statement causes an error.
E.g.:
iptables -A INPUT -m state --state NEW -m recent --set -p tcp --dport 80
iptables: Unknown error 18446744073709551615
The man pages say: recent is supported.
CentOS 6: is OK
Knows anyone more?
Best regards
Helmut Drodofsky
--
Viele
2009 Dec 22
2
IPTABLES --hitcount maximum value
Is the maximum permitted value for --hitcount documented anywhere?
I reliably get a iptables-restore error when I specify a hitcount
value greater than 20 but I cannot find any mention of there being a
maximum value.
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited
2008 Aug 19
4
Simple IPTABLES Question
I added these rules to IPTABLES to slow brute force attacks.
iptables -A INPUT -p tcp --dport 22 -s my_subnet/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent
--set --name SSH
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent
--update --seconds 60 --hitcount 5 --rttl --name SSH -j DROP
I would like log entries when connections are dropped to see
2013 Mar 07
1
Fwd: mistake on Securing SSH
This was sent to me regarding the wiki.
---------- Forwarded message ----------
From: "Martin Kon??ek" <mkonicek12 at gmail.com>
Date: Mar 7, 2013 4:44 AM
Subject: mistake on Securing SSH
To: <timothy.ty.lee at gmail.com>
Cc:
Hi TImothy,
I saw wiki http://wiki.centos.org/HowTos/Network/SecuringSSH and it is
pretty good, but there is a mistake.
*Instead of having*
iptables
2016 Jul 07
5
update clamav to 0.99.2
Helo,
update is in EPEL repository.
on startup, clamd does not further create clamd.sock and clamd.pid
clamd service stops without any message - even in debug mode.
It's a nightmare.
Helmut
--
Viele Gr??e
Helmut Drodofsky
Internet XS Service GmbH
He?br?hlstra?e 15
70565 Stuttgart
Gesch?ftsf?hrung
Dr.-Ing. Roswitha Hahn-Drodofsky
HRB 21091 Stuttgart
USt.ID: DE190582774
Tel. 0711
2011 Dec 09
1
find most recent file update in directory
Hello,
I try to find in a directory hicharchy the most recent time of file update.
I think, there could be a solution with find?
Thank you for help in advance
Best regards
Helmut Drodofsky
2019 Dec 01
2
update CentOS 7 at Nov 05 2019
yum update was run
23.10.19 and then
05.11.19
to the beginning of the update 5.11.2019 kernel logging to
/var/log/messages was ok.
During the update at 5.11.2019 logging to /var/log/messages finished. I
persume, this bug began during processing updates. yum-log shows:
...........
Nov 05 14:56:54 Installed: virt-viewer-5.0-15.el7.x86_64
Nov 05 15:59:28 Installed: nbdkit-1.8.0-1.el7.x86_64
2019 Feb 07
2
persistent generic device for tape changer
Hello Ron,
sounds good. I have 2 tape changer. I persume, udev creates the same
link for both.
Can I modify
SYMLINK+="changer-$env{ID_SERIAL}"
The serial should be unique.
Viele Gr??e
Helmut Drodofsky
Internet XS Service GmbH
He?br?hlstra?e 15
70565 Stuttgart
Gesch?ftsf?hrung
Helmut Drodofsky
HRB 21091 Stuttgart
USt.ID: DE190582774
Fon: 0711 781941 0 <tel:+497117819410>
Fax:
2006 Apr 11
0
[Bug 469] New: recent match doesn't triger with --hitcount > 20
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=469
Summary: recent match doesn't triger with --hitcount > 20
Product: netfilter/iptables
Version: linux-2.6.x
Platform: i386
OS/Version: other
Status: NEW
Severity: normal
Priority: P2
Component: ip_tables (kernel)
AssignedTo:
2010 Nov 19
3
OT: Java down
Hallo,
yesterday from 3 to 11 pm UTC our Java application was down. As far as I
know, the server java.sun.com was not available.
Needs any java application direct access to sun?
Can I stop this hell?
Any idea?
Best regards
Helmut
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
2011 Sep 13
3
CentOS 6: file and directory permissions
Hi,
I fear I am too stupid:
I find nowhere the explanation of the dot in file permissions like:
-rw-r--r--. 1 root root 457 Aug 4 17:27 config
I have searched in forums, Red Hat deployment guide, storage administration guide etc
Thank you for help in advance.
Best regards
Helmut
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
2019 Feb 08
1
persistent generic device for tape changer
> Am 08.02.2019 um 00:13 schrieb Ron Loftin <reloftin at twcny.rr.com>:
>
> On Thu, 2019-02-07 at 22:29 +0100, Helmut Drodofsky wrote:
>> Hello Ron,
>>
>> sounds good. I have 2 tape changer. I persume, udev creates the same
>> link for both.
>>
>> Can I modify
>> SYMLINK+="changer-$env{ID_SERIAL}"
>>
>> The serial
2020 Jul 07
2
Pushing real machines into KVM/Qemu
Hi all,
I took a real Core 2 machine (T7200? whose motherboard was starting to die?) running Fedora 29 and dd?d the SSD over to my KVM server, then created a VM using ?create from existing image?.
After some tweaking, including setting the disk type to ?SATA? from ?Virtio?, I got it working.
Is there a fixed recipe for virtualizing CentOS/Fedora/RHEL instances into running VM?s on KVM/Qemu?
2019 Feb 07
2
persistent generic device for tape changer
Hello,
mtx and therefor amanda use generic device /dev/sg<x> for tape changer.
These devices change on reboot.
How to make them persistent?
/dev/sch0 and /dev/sch1 seem to be persistent.
/dev/tape/by-id/ shows links from WWID to generic device
An UDEV rule could help? I have not found any example.
--
Viele Gr??e
Helmut Drodofsky
Internet XS Service GmbH
He?br?hlstra?e 15
70565
2012 Apr 05
3
IPSEC How To?
Hello,
now I have spent many hours to configure openswan for VPN connections
without any success.
My goal:
VPN Server CentOS 6 with public IPv4
VPN Client (= road warrier) from private site with NAT router or from
mobile cell with Linux, Windows 7, Mac, iPhone or Android
Is there any how to in the net?
When I read
file:///usr/share/doc/openswan-doc-2.6.32/config.html
then I belive, there is
2020 Jan 01
2
KVM Random Reboots AMD EPYC Server
our new Server with AMD EPYC and super micro board reboots ramdonly.
There is no error message before the reboot in /var/log/messages.
we are running 2 Server with VMWare workstation without any problem.
The new server should run KVM.
older servers with AMD (before EPYC) running KVM without any problem.
any idea or recommendation?
--
Viele Gr??e
Helmut Drodofsky
Internet XS Service GmbH
2011 Aug 02
3
CentOS 6.0 and freenx
Hi,
http://wiki.centos.org/HowTos/FreeNX
says: NX and FreeNX are only available for Centos 4 and 5
Alternative?
Thanks in advance for ideas.
Helmut
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20110802/533df4db/attachment-0003.html>
2009 Mar 13
4
date differs permanent some 3450 sec.
Hi,
the date jumps within 30 seconds to a wrong value. ntp service is
stopped at the beginning.
Whereas hwclock seems more precise.
[root at kerio ~]# service ntpd stop
Shutting down ntpd: [ OK ]
[root at kerio ~]# ntpdate 0.centos.pool.ntp.org
13 Mar 07:04:48 ntpdate[23003]: step time server 131.234.137.24 offset
-3450.678273 sec
[root at