Displaying 20 results from an estimated 300 matches similar to: "[Bug 58] save() function of libipt_recent.c broken"
2003 Mar 02
0
[Bug 58] New: save() function of libipt_recent.c broken
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=58
Summary: save() function of libipt_recent.c broken
Product: iptables userspace
Version: 1.2.7a
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: unknown
AssignedTo: laforge@netfilter.org
2007 Apr 18
1
[Bridge] bridge at start up
hi i have gone through the achieves but still could not get my bridge to suvive a reboot .
please can anyone help me am using fedora core 2
-----Original message-----
From: bridge-request@lists.osdl.org
Date: Fri, 28 Jan 2005 03:08:06 +0100
To: bridge@lists.osdl.org
Subject: Bridge Digest, Vol 17, Issue 25
> Send Bridge mailing list submissions to
> bridge@lists.osdl.org
>
>
2003 Jun 15
9
[Bug 91] conntrack unload loops forever (reproducible)
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=91
------- Additional Comments From kaber@trash.net 2003-06-16 00:38 -------
problem seems to be a dropped reference in remove_expectations, can be reproduced by
unloading ip_conntrack after unloading a helper which is helping a connection.
Attached patch fixes my problems.
------- You are receiving this mail because: -------
2003 Apr 23
1
[Bug 83] Owner matching support broken in Kernel 2.4.20
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=83
outsider@key2peace.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching
2003 Apr 30
1
[Bug 53] Feature request - Basic Denial of Service feature
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=53
laforge@netfilter.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |LATER
------- Additional Comments From
2003 Apr 21
1
[Bug 64] Conntrack-Table is not cleared on inferface down using target MASQUERADE
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=64
------- Additional Comments From tobias@portfolio16.de 2003-04-21 23:51 -------
Hi,
I think I just found a problem with the patch... It was my fault to use a automatic build
system and not check it... In the end the patch didn't apply in its whole and I didn't
discover it, because the build system just went on.
2012 Jun 11
1
iptables: hitcount
Hello,
up to CentOS 5.3 it was possible, to control new ip connections by
"recent", "seconds" and "hitcount"
-A INPUT -m state --state NEW -m recent --set -p tcp --dport 80
-A INPUT -m state --state NEW -m recent --update --seconds 60 --hitcount
1000 -p tcp --dport 80 -j LOG --log-prefix "FW DROP IP Flood: "
-A INPUT -p tcp -m tcp --dport 80 -m state
2011 Jan 27
2
centos 5.5: iptables: module recent
Hello,
I have well performing iptables in centos 5.2 and 5.3 :
-A INPUT -m state --state NEW -m recent --update --seconds 60 --hitcount 1000 -p tcp --dport 25 -j LOG --log-prefix "FW DROP IP Flood: "
Centos 5.5, updated today:
Without -hitcount : iptables accept the line
Including -hitcount : iptables brings an error message:
Applying iptables firewall rules: iptables-restore:
2006 Apr 11
0
[Bug 469] New: recent match doesn't triger with --hitcount > 20
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=469
Summary: recent match doesn't triger with --hitcount > 20
Product: netfilter/iptables
Version: linux-2.6.x
Platform: i386
OS/Version: other
Status: NEW
Severity: normal
Priority: P2
Component: ip_tables (kernel)
AssignedTo:
2009 Dec 22
2
IPTABLES --hitcount maximum value
Is the maximum permitted value for --hitcount documented anywhere?
I reliably get a iptables-restore error when I specify a hitcount
value greater than 20 but I cannot find any mention of there being a
maximum value.
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited
2004 May 05
1
Samba ADS Help
I have been having a hard time login into a RH AS 3.0 using my MS AD account
and password. I did successfully setup winbind, krb5 and samba w/out any
major complications. But when it came to login I investigate as to why I am
not able to log into the linux box using my AD account and password. I used
the following URL example to setup winbind and samba.
2009 Aug 16
1
to filter dos ip using iptables recent
Hello, all.
I read this document about iptables recent module.
http://blog.andrew.net.au/2005/02/16#ipt_recent_and_ssh_attacks
and I would like to filter the excessive spam mail sending ip address by iptables recent module.
and some questions.
iptables -A INPUT -p tcp --dport 25 -m state --state NEW -m recent --set --name SPAM
iptables -A INPUT -p tcp --dport 25 -m state --state NEW -m
2013 Mar 07
1
Fwd: mistake on Securing SSH
This was sent to me regarding the wiki.
---------- Forwarded message ----------
From: "Martin Kon??ek" <mkonicek12 at gmail.com>
Date: Mar 7, 2013 4:44 AM
Subject: mistake on Securing SSH
To: <timothy.ty.lee at gmail.com>
Cc:
Hi TImothy,
I saw wiki http://wiki.centos.org/HowTos/Network/SecuringSSH and it is
pretty good, but there is a mistake.
*Instead of having*
iptables
2008 Aug 19
4
Simple IPTABLES Question
I added these rules to IPTABLES to slow brute force attacks.
iptables -A INPUT -p tcp --dport 22 -s my_subnet/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent
--set --name SSH
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent
--update --seconds 60 --hitcount 5 --rttl --name SSH -j DROP
I would like log entries when connections are dropped to see
2003 Apr 23
0
[Bug 24] When upgrading to 2.4.20 the owner-match doesn't work anymore.
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=24
gandalf@wlug.westbo.se changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |outsider@key2peace.org
------- Additional Comments From gandalf@wlug.westbo.se 2003-04-23 15:57 -------
*** Bug 83
2003 Apr 29
0
[Bug 90] New: RPC and RSH conntrack helpers don't use struct ip_conntrack_helper->name correctly
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=90
Summary: RPC and RSH conntrack helpers don't use struct
ip_conntrack_helper->name correctly
Product: netfilter/iptables
Version: patch-o-matic
Platform: other
OS/Version: other
Status: NEW
Severity: normal
Priority: P2
2002 Mar 07
12
[Bug 141] openssh-3.1p1-1.src.rpm will not build on RedHat Linux 6.1
http://bugzilla.mindrot.org/show_bug.cgi?id=141
markus at openbsd.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary| openssh-3.1p1-1.src.rpm |openssh-3.1p1-1.src.rpm will
|will not build on RedHat |not build on RedHat Linux
|Linux 6.1
2009 Mar 24
4
cls_flow
Hello Tom,
On the page 'http://lwn.net/Articles/313328/' i found info about changes
in 'cls_flow.c' in kernel-2.6.29:
net/sched/cls_flow.c | 4 +-
and may be now it will work properly to everyone's entertainment.
Thank you,
Alex
---
Прогноз погоды ТУТ - http://pogoda.tut.by
2007 Oct 10
0
How to use rate limit with marks set on packets with own queue???
Hi
After several days testing and studing howtos and docu again ...
I want to limit all tcp trafic with the limit module to say
one connection per second except some known trafic.
(This is because of using p2p progs gets mi crazy which gets my adsl
modem down
and I share my net with some users and because of encryption of stream
l7 does not work ...)
As I understand the limit module does work
2005 Sep 12
2
ip rule to block ssh attack
I''ve found the below rule, is it possible to use it with shorewall?
I see how to setup the timing/rates but how to perform loggin of such action (a separate rule?).
as an additional question is i possible to dynamically add hosts to blacklist and persist this between restarts?
"
SSH -A PREROUTING -m tcp -p tcp -d $EXTERNAL --dport 22 -m recent --rcheck --hitcount 3 --seconds 600 -j