Hi Andrew
Am 06.03.2015 um 11:19 schrieb Andrew:
Hi.
You can try to use iptables recent module, but i slightly different way:
add source ips to list for knocking to one port, and grant access for
target http/ssh port corresponding to this list records. Something like
Hi Jürgen
Am 06.03.2015 um 11:33 schrieb j...@tux-net.de:
... and who (should) trigger the firewall to change its ruleset? The client ?
If so, you can let the ports open because the client always gets what he
wants at any time.
Yes, but only this client will do it, and it closes the door
Hi.
You can try to use iptables recent module, but i slightly different way:
add source ips to list for knocking to one port, and grant access for
target http/ssh port corresponding to this list records. Something like
http://www.snowman.net/projects/ipt_recent/ 3rd example.
06.03.2015 11:26,
... and who (should) trigger the firewall to change its ruleset? The client ?
If so, you can let the ports open because the client always gets what he wants
at any time.
Am 6. März 2015 10:26:08 MEZ, schrieb Erich Titl erich.t...@think.ch:
Hi Juergen
Am 06.03.2015 um 07:18 schrieb
Hi Juergen
Am 06.03.2015 um 07:18 schrieb j...@tux-net.de:
Why should the access to these update servers be enabled dynamically?
I could enable that access statically, but that would mean I have to
adapt the firewall policies to a peripheral functionality. As I want to
add this functionality to
You might create a rule for the target in question which logs when it matchs
and obey the logfile for this entry and adjust the rule if found . Time based
revert the ruleset or select an other target which is visited (and also
logged) for turning the access off.
Am 6. März 2015 10:26:08
Hi
The only raspberry pi set of files I can get to work is
Bering-uClibc-5.1-alpha1. Looks good so far but I am still waiting for
a usb to ethernet adapter to arrive in order to test further. The other
releases since then seem appear to have problems. When I go to edit the
config files, I
