> I found this and it made sense to an almost-literate-with-route2 person. > When it worked and the logwatch entries dropped from > tens/hundreds/thousands a day to less than ten I was thrilled. > > I have been meaning to get rid of the logging since it goes the console > of the server(s) which are in a colo 35 miles away. This makes me brave > enough to take that line out. Didn't want to fiddle with what was > working ... or don't fix what's not broken. > > The other idea I had was to use TARPIT instead of DROP. For most of the > systems I deal with there are only a few IPs that need to access the > system remotely so the idea of tarpitting the bogus connections gives me > a warm-fuzzy feeling. But I'm not sure if TARPIT is a standard module.
you can keep logs from going to the console by using the --log-level info flag for the LOG rules. they'll still go the syslog and be summarized by logwatch, but not clutter up the screen. _______________________________________________ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug