Hi Jim, >> >> Does anything show up in the /var/lib/portsentry/ directory? >> > Only 2 empty files - portsentry.blocked.tcp and portsentry.blocked.udp. > I've got both BLOCK_UDP and BLOCK_TCP set to zero , because I only want > warnings to start with, and I've set KILL_ROUTE="/sbin/iptables -I INPUT -s > $TARGET$ -j DROP" . I was hoping that if I got GRC's 'ShieldsUp' to > scan my machine on the internal interface, that I would get a log file > somewhere with warning entries. > In the portsentry example "KILL_ROUTE" line logging is set: .... -j LOG --log-level DEBUG --log-prefix 'Portsentry: dropping: '
I think you have to change your KILL_ROUTE line to include logging. What do you mean with "scanning your internal interface"? Eric ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/