On Tue, 2010-08-24 at 20:56 -0700, J and T wrote:
> Thanks Tom. I also thought of that, but you're right, that would crash
> us as well. I would think this would be a common problem, but I can't
> seem to find any solution.
>
Would creating a blackhole or prohibit route on the web-server itself
help? Yea, a bit heavy handed but if the offending ip address is not
really access any of your sites...
something like:
for i in `cat <path/to/logfile> | grep sitesearch.cgi?t=XXXdUwYrtYXXXdU
| awk '{print $1}'`; do sudo ip route add prohibit $i; done
The web-server should bail on the request as there is no route back and
close the connection.
Jerry
------------------------------------------------------------------------------
Sell apps to millions through the Intel(R) Atom(Tm) Developer Program
Be part of this innovative community and reach millions of netbook users
worldwide. Take advantage of special opportunities to increase revenue and
speed time-to-market. Join now, and jumpstart your future.
http://p.sf.net/sfu/intel-atom-d2d
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
