> You've gotten Logcheck from Psionic, did you also get (and install) > Portsentry? I certainly did. > If portsentry was tripped, and added the offending host to the route table > and the IP to the /etc/hosts.dent file, no packets will be logged for that > host anymore. 'Fraid not. No-one's got through the firewall to PortSentry. Nothing has been added to either /etc/portsentry/portsentry.blocked.atcp or /etc/portsentry/portsentry.blocked.audp so no-one's tripped it. Also I have PortSentry configured so that it's using ipchains, not TCP wrappers, and the ipchains rule it uses to block intruders includes the -l flag. > Or, is it that DENY pakect logging stops altogether for ALL > offenders after > a while? That's the sucker! A reboot cures it briefly, but you know how us Linux peeps hate reboots ;-) Thanks, Tony
- [expert] ipchains logging Vincent Danen
- Re: [expert] ipchains logging Lee Willis
- Re: [expert] ipchains logging Vincent Danen
- Re: [expert] ipchains logging Suppiluliuma
- Re: [expert] ipchains logging Vincent Danen
- [expert] ipchains logging Tony Smith
- Re: [expert] ipchains logging Greg Stewart
- Re: [expert] ipchains logging Andrew George
- RE: [expert] ipchains logging Tony Smith
- Re: [expert] ipchains logging Tony Smith
- Re: [expert] ipchains logging Greg Stewart
- RE: [expert] ipchains logging Tony Smith
- Re: [expert] ipchains logging Greg Stewart
- RE: [expert] ipchains logging Tony Smith
- RE: [expert] ipchains logging Tony Smith
- Re: [expert] ipchains logging Greg Stewart
- RE: [expert] ipchains logging Tony Smith
- Re: [expert] ipchains logging Phil Edwards
- RE: [expert] ipchains logging Tony Smith
- Re: [expert] ipchains logging Bob