On Sun, Jul 15, 2012 at 7:49 PM, C Anthony Risinger <[email protected]> wrote:
> On Sun, Jul 15, 2012 at 6:17 PM, C Anthony Risinger <[email protected]>
> wrote:
>
> [...]
>
> > however, it concerns me that all the machines running this report
> > fwknopd as consuming a fair amount of resources, continuously.
>
> [...]
>
> > ... how can this be remedied?
>
> forgot to mention that it's a linux server, kernel 3.4.4 (archlinux).
> 100% default configuration -- ATM i'm only using it to open SSH port
> on demand. looping is happening within pcap_capture. if i run as a
> UDP/TCP server (supported, right) it should be much lighter, yes?
>
>
I haven't tested the UDP/TCP server modes recently, but they should work.
Test suite support for them will be added soon.

> > bleh, i also had a related question
> > but it's escaping me for now ...
>
> and now i remember :-) i wanted to suggest that the INPUT chain be
> configurable, and that fwknopd should simply use the chain if it
> already exists (taking note of whether or not it created it) ... when
> running this on Vyatta Network OS there were some issues when fwknopd
> needed a restart -- chains in wrong order afterwards.
>
>
You can influence the chain from which packets are jumped to by using the
IPT_INPUT_ACCESS variable. For the existence check, do you mean for the
jump-from chain? Or the jump-to chain? If the latter, there is a check and
it will be created if not.

Thanks,

--Mike

> thanks,
>
> --
>
> C Anthony
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Fwknop-discuss mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
>
--
Michael Rash | Founder
http://www.cipherdyne.org/
Key fingerprint = 53EA 13EA 472E 3771 894F AC69 95D8 5D6B A742 839F