Michelle Konzack wrote:
At 22:32 2003-07-21 -0700, Matt Schalit wrote:
FW="/sbin/ipfwadm"
$FW -I -a accept -W eth0 -P tcp -o
$FW -I -a accept -W eth0 -P udp -o
$FW -O -a accept -W eth0 -P tcp -o
$FW -O -a accept -W eth0 -P udp -o
YES - IT WORKS, - but too heavy !!!
You should know, we like it *big* in the USA. I don't know how ya'll like it over in Germany, but, um.... 10 hours of sampling qualifies you for dual citizenship here in the States.
Plenty of room in Kansas.
Charles knows all the hot spots. Heh.
Now I was 10 hours online and I have 5 MByte Logfiles !!! (syslog, kern.log and messages)
70% is only NetBIOS coming from outside but is rejected...
Around 5-18 requests per minute !!!
Ouch. You know, you could ask your ISP to block inbound 137 upstream from you. They just might do it. I can't think why you'd need that to pass their router anyway.
Is it possible that it drops down my Internet connection ???
I have a very well working USR Sportster 33.600 which makes between 3,5 and 3,8 kByte per Second.
But if I log in, I get this speed and one hour later only 2 or 2,5 kBytes...
I wrote a few paragraphs as an answer, but I erased them because I was speculating. I just don't know the answer. I would think any changes made would appear in the syslog.
Then is it possible to log to another file instead of the three above ?
Yes you can log to another file using syslog.conf.
> and only Ports like 137, 80, 20 or 21 ???
> As I know, ipfwadm can do that, but how ?
Yes you can log only ports 137, 80, 20, 21, or any combination. Here are some rules that do that, though they specify UDP and TCP.
$FW -I -a reject -W ppp0 -P tcp -S 0/0 137 -o
$FW -I -a reject -W ppp0 -P udp -S 0/0 137 -o
$FW -I -a accept -W ppp0 -P tcp -S 0/0 20 21 1080 443 -o
The first two reject, the last one accepts. They are examples. Change them to udp, or to a different port or whatever. Just don't try to list too many ports on the same line. Break up the longer rules.
And why does it write into three Files ???
Because people in the 2.9.4 age didn't have any development control, and the fellow who created LRP was a real whack-job.
Okay, onto message 3.
Matt
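
Added example, not part of the original message: a shell sketch that tallies logged firewall packets by source port, the field the `-S 0/0 <port> -o` rules above match on, and reports what share of the logged traffic is port 137. The log line layout, the sample lines, and the function names are assumptions constructed for illustration.

```shell
#!/bin/sh
# Constructed sample lines. The layout
#   "IP fw-in <action> <iface> <proto> src:port dst:port ..."
# is an assumption about how the kernel logs packets matched by a rule with -o.
sample_log() {
cat <<'EOF'
Jul 22 08:01:02 fw kernel: IP fw-in rej ppp0 UDP 198.51.100.7:137 192.0.2.10:137 L=78 S=0x00 I=4211 F=0x0000 T=112
Jul 22 08:01:09 fw kernel: IP fw-in rej ppp0 UDP 203.0.113.44:137 192.0.2.10:137 L=78 S=0x00 I=977 F=0x0000 T=109
Jul 22 08:01:15 fw kernel: IP fw-in acc ppp0 TCP 198.51.100.20:80 192.0.2.10:1045 L=40 S=0x00 I=5120 F=0x4000 T=52
Jul 22 08:01:31 fw kernel: IP fw-in rej ppp0 UDP 198.51.100.7:137 192.0.2.10:137 L=78 S=0x00 I=4212 F=0x0000 T=112
Jul 22 08:01:40 fw pppd[212]: rcvd [LCP EchoRep id=0x4]
Jul 22 08:01:47 fw kernel: IP fw-in acc ppp0 TCP 198.51.100.33:21 192.0.2.10:1046 L=60 S=0x10 I=88 F=0x4000 T=50
Jul 22 08:01:58 fw kernel: IP fw-in rej ppp0 UDP 203.0.113.9:137 192.0.2.10:137 L=78 S=0x00 I=31 F=0x0000 T=110
EOF
}

# Print "<count> <action> <proto>/<source port>", busiest first.
tally_ports() {
    awk '{
        for (i = 1; i <= NF; i++) if ($i == "fw-in") break
        if (i + 5 > NF) next              # not a firewall log line
        split($(i + 4), src, ":")         # src[2] is the source port
        n[$(i + 1) " " $(i + 3) "/" src[2]]++
    }
    END { for (k in n) print n[k], k }' | sort -k1,1nr -k2
}

# Print the rounded percentage of logged packets whose source port is $1.
port_share() {
    awk -v port="$1" '{
        for (i = 1; i <= NF; i++) if ($i == "fw-in") break
        if (i + 5 > NF) next
        split($(i + 4), src, ":")
        total++
        if (src[2] == port) hit++
    }
    END { if (total) printf "%.0f\n", 100 * hit / total; else print 0 }'
}

sample_log | tally_ports
echo "port 137 share: $(sample_log | port_share 137)%"
```

To run it on real data, pipe the log file into the functions in place of sample_log, after checking that the field layout matches what your kernel writes.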
leaf-user mailing list: https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
