On 25/10/2012 14:57, Tom Eastep wrote: > On 10/25/2012 05:21 AM, Roger Lynn wrote: >> Hi, >> >> Is it possible to get Shorewall to reload the static blacklist file without >> resetting the packet and byte counters? >> >> I am following the guide at >> http://mudy.wordpress.com/2009/02/21/shorewall-blacklist-spamhaus-dshield/ >> to periodically generate a blacklist, but "shorewall -qq refresh -n >> blacklst" resets all my accounting. Is there a way to do this without >> resetting the counters? >> > No. > > -Tom
However, with a little more effort on the scripting side you could put the blocklist into an ipset. ipsets can be mangled arbitrarily at runtime and are a way of separating the iptables rules from the source/dest choice Good luck Ed W ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_nov _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
