On Fri, 15 Feb 2002, GREGOR wrote:

> I'm using DCD, I set it up as firewall, with IP aliasing on eth0, DMZ
> switch=PRIVATE on eth2 and internal network on eth1. (thanks to bela, charles
> and ray).
>
> I've got tons of logs of hits on port 53 like the following examples :

[...]

> I've searched the mailing list archives and found these following extra lines
> to add to ipfilter.conf file :
>
> # New Port 53 filter start IP_LIST="`cat /etc/dns_floods`"

The above line should be two lines.

> for IP in $IP_LIST; do
> $IPCH -I input -j DENY -p tcp -s $IP/32 -d $EXTERN_IP/32 53 -i$EXTERN_IF

I think you should have a space between the "-i" and "$EXTERN_IF".

> done; unset IP
> #New Port 53 filter end
>
> I've created the */etc/dns_floods* file as instructed in the archive and
> also added some more IP#'s and then did *svi network reload*, but those hits
> don't seem to stop.

Shell debugging tip: try the commands interactively to see if they have
the desired effect. Note that the variables defined at the point where
the script executes may not be defined at the command prompt, but you can
manually replace the variables or in some cases "source" the definitions
file (/etc/network.conf).

---------------------------------------------------------------------------
Jeff Newmiller                        The     .....       .....  Go Live...
DCN:<[EMAIL PROTECTED]>               Basics: ##.#.       ##.#.  Live Go...
                                      Live:   OO#.. Dead: OO#..  Playing
Research Engineer (Solar/Batteries            O.O#.       #.O#.  with
/Software/Embedded Controllers)               .OO#.       .OO#.  rocks...2k
---------------------------------------------------------------------------
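
One way to do the interactive check suggested in the reply, as an added example that is not part of the original messages: it prints the rule that each entry of a blocklist file would produce instead of running it, and flags entries that are not IPv4 addresses. The function names `is_ipv4` and `gen_rules`, the default values and the sample list are assumptions made for this example; the rule line is the one quoted in the thread, with the space after `-i`.

```shell
#!/bin/sh
# Dry run: print the port 53 DENY rules from the thread instead of running them.
# Defaults are constructed placeholders; on the firewall the real values come
# from the definitions file named in the reply (/etc/network.conf).
IPCH="${IPCH:-ipchains}"
EXTERN_IP="${EXTERN_IP:-192.0.2.1}"
EXTERN_IF="${EXTERN_IF:-eth0}"

# is_ipv4 ADDR (hypothetical helper): succeed only for a dotted quad with
# every octet in 0..255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# gen_rules FILE (hypothetical helper): print one rule per valid address.
# Blank lines and '#' comments are skipped. Anything else that is not an
# IPv4 address is reported on stderr and makes the function return 1.
gen_rules() {
    rc=0
    while read -r ip rest || [ -n "$ip" ]; do
        case "$ip" in ''|'#'*) continue ;; esac
        if is_ipv4 "$ip"; then
            echo "$IPCH -I input -j DENY -p tcp -s $ip/32 -d $EXTERN_IP/32 53 -i $EXTERN_IF"
        else
            echo "skipping invalid entry: $ip" >&2
            rc=1
        fi
    done < "$1"
    return "$rc"
}

# Constructed sample list (documentation addresses plus one bad entry).
sample=$(mktemp)
printf '%s\n' '# dns flood sources' '192.0.2.10' '' '198.51.100.7' '10.0.0.300' > "$sample"
gen_rules "$sample" || echo "list contains invalid entries" >&2
rm -f "$sample"
```

On the firewall, source the definitions file first and pass the real list as the argument, so the printed commands use the same values the script would see.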