On Sun, 2010-02-14 at 18:32 -0500, Brian Schang wrote:
> Tom:
> 
> On 2/14/2010 4:00 PM, Tom Eastep wrote:
> 
> >> Worked like a charm. Thank you. But what I really wanted was to get a
> >> log message from each IP address that tried to connect to UDP port
> >> 59695, but limited to one log entry per IP per hour.
> >
> > In /etc/shorewall/action.LogLimit
> >
> > LOG:info    -       -       -       -       -       s:1/hour:1
> 
> Ah, I guess I did things the hard way...
> 
> It seems to me that the iptables 'limit' match has similarities to the 
> 'recent' match. For my education, other than the 'limit' method being 
> simpler, are there any significant differences between the two methods 
> in this context?

'hashlimit' generally requires fewer rules.

-Tom 
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________
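
Tom's point about rule count, shown with raw iptables rules as an added example that is not part of the original thread and is not the ruleset Shorewall generates. The chain name `LogLimit` is reused from the action file above; the `loglimit` table/list name, the log prefix and the `IPT` dry-run wrapper are assumptions made for illustration.

```shell
#!/bin/sh
# Dry run by default: each rule is printed, not installed.
# Set IPT=iptables (as root) to apply the rules to an existing chain.
IPT="${IPT:-echo iptables}"
PORT=59695          # UDP port from the thread
CHAIN=LogLimit      # assumed to exist already when applying for real

# hashlimit: ONE rule. The match keeps a token bucket per source IP
# (--hashlimit-mode srcip) and matches at most once per hour per source.
log_with_hashlimit() {
    # --hashlimit-htable-expire keeps a source's entry for a full hour;
    # if an idle entry expires earlier, that source's next packet is
    # logged again with a fresh bucket.
    $IPT -A "$CHAIN" -p udp --dport "$PORT" \
        -m hashlimit --hashlimit-name loglimit --hashlimit-mode srcip \
        --hashlimit-upto 1/hour --hashlimit-burst 1 \
        --hashlimit-htable-expire 3600000 \
        -j LOG --log-level info --log-prefix "udp59695:"
}

# recent: TWO rules. The first skips sources already listed within the
# last hour; the second records the source and logs it.
log_with_recent() {
    $IPT -A "$CHAIN" -p udp --dport "$PORT" \
        -m recent --name loglimit --rcheck --seconds 3600 -j RETURN
    # The recent list holds a bounded number of addresses (xt_recent
    # module parameter ip_list_tot); once it is full, older sources are
    # evicted and will be logged again sooner than an hour.
    $IPT -A "$CHAIN" -p udp --dport "$PORT" \
        -m recent --name loglimit --set \
        -j LOG --log-level info --log-prefix "udp59695:"
}

echo "# hashlimit variant"
log_with_hashlimit
echo "# recent variant"
log_with_recent
```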
