On 8/25/10 7:56 AM, J and T wrote: > > Question: is there a way to block IP's using netfilter/shorewall with a > "time-to-live"? That would be an awesome feature if there is one. I was > not able to find anything on that at the site. Right now I'm storing the > IPs in a text file and then purging from the filter. If there was a ttl > this would be much easier.
You can use an 'iptree' ipset which allows a timeout value for entries to be specified. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Sell apps to millions through the Intel(R) Atom(Tm) Developer Program Be part of this innovative community and reach millions of netbook users worldwide. Take advantage of special opportunities to increase revenue and speed time-to-market. Join now, and jumpstart your future. http://p.sf.net/sfu/intel-atom-d2d
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
