On Fri, 2 Aug 2002, S Mohan wrote: > I think shorewall allows to log packets coming to various ports. Can we > allow for a rule to be defined dynamically blocking the source IP of the > packet in case the port being opened/ queried is not allowed by the host > owner. This is what portsentry does. Portsentry creates a iptables/ > ipchains rule dynamically blocking such source Ips assuming these are > results of port scans or hacking activity. In addition, he includes > these IPs in host.deny file. Can we do the same in shorewall? >
See http://www.shorewall.net/blacklisting_support.htm. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html