Thanks, will try that out.
-Original Message-
From: Tom Eastep [mailto:teas...@shorewall.net]
Sent: 02 September 2010 01:13
To: shorewall-users@lists.sourceforge.net
Subject: Re: [Shorewall-users] ICMP Attacks
On 9/1/10 5:07 PM, paddy667 wrote:
> My Policy file below.
> How do I stop it
On 9/1/10 5:07 PM, paddy667 wrote:
> My Policy file below.
> How do I stop it logging ICMP from the net, but keep other logging.
Add a DROP rule to your rules file.
-Tom
--
Tom Eastep\ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not
My Policy file below.
How do I stop it logging ICMP from the net, but keep other logging.
Thanks
#
#SOURCE DESTPOLICY LOG LIMIT: CONNLIMIT:
#
# LEVEL BURST
On 9/1/10 4:46 PM, paddy667 wrote:
> Hi,
>
>
>
> I am running shorewall 4.2.10
>
> 3 Interface
>
>
>
> Is there any way to stop these ICMP Attacks.
No -- there is nothing a packet filter can do to stop an attack. But you
are DOSing yourself by logging them. That's likwly doing more damage
Hi,
I am running shorewall 4.2.10
3 Interface
Is there any way to stop these ICMP Attacks.
I have replaced my external IP with xx.xxx.xxx.xx
Sep 2 00:25:03 Viper kernel: Shorewall:net2fw:DROP:IN=ppp0 OUT= MAC=
SRC=58.218.200.37 DST=xx.xxx.xxx.xx LEN=28 TOS=0x00 PREC=0x00 TTL=7 ID=
From: Jerry Vonau
Date: Wed, 01 Sep 2010 04:33:30 -0500
> How about a sample of the udev rules that you wrote?
I'm still working on rules to get a device node for a firewire
camera without warning messages. When that is thrashed out,
I'll tackle the eth interfaces. So my message was hypo
On 9/1/10 12:56 PM, Shawn Wright wrote:
> - "Tom Eastep" wrote:
>
> What are your requirements?
>
> - Log each connection (simple with Shorewall -- use a LOG rule or a log
> level on an ACCEPT rule)
> - Log every page request -- not possible with a packet filter.
>
> ---
> Each connect
- "Tom Eastep" wrote:
On 9/1/10 12:08 PM, Shawn Wright wrote:
> In changing our campus squid proxy to transparent mode (which only
> handles plain http traffic, not SSL), we are faced with having to NAT
> our SSL traffic, while still wishing to maintain tight control over
> access and lo
On 9/1/10 12:08 PM, Shawn Wright wrote:
> In changing our campus squid proxy to transparent mode (which only
> handles plain http traffic, not SSL), we are faced with having to NAT
> our SSL traffic, while still wishing to maintain tight control over
> access and logging.
>
I don't understand --
In changing our campus squid proxy to transparent mode (which only handles
plain http traffic, not SSL), we are faced with having to NAT our SSL traffic,
while still wishing to maintain tight control over access and logging.
I'm interested in recommendations for logging such traffic a in way th
On Tue, 2010-08-31 at 18:18 -0700, peasth...@shaw.ca wrote:
> Folk,
>
> Quoting from "http://www.shorewall.net/manpages/shorewall-nesting.html";,
> "The preferred way [to distinguish zones having ppp interfaces] is
> to use the ifname pppd option to change the 'net' interface to
> something othe
11 matches
Mail list logo
