On 10/23/2013 6:44 AM, Brian J. Murrell wrote: > > I just did above. IRC servers like to port scan you before you are > allowed to complete a connection to make sure you are not an open proxy > being used to do bad things on the IRC server. > > These port scans fill up logs and hide the real activity that you really > want to see in a log with all of this portscanning.
One way to approach that is to use per-IP log rate limiting; I have: LOGLIMIT="s:5/min" That way, a typical port scan generates no more than 5 log messages. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60135991&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
