On 1/29/2014 10:47 AM, Bill Shirley wrote:
> Thanks, Tom. The patch works:
> -A inet-fw -p 17 --dport 53 -j ~log3 -m comment --comment "timeout port
> scanners"
> -A inet-fw -p 6 --dport 22 -j SET --add-set IpOneDay src -m comment
> --comment "timeout port scanners"
> -A inet-fw -p 17 -m multiport --dports 80,443 -j ~log4 -m comment
> --comment "timeout port scanners"
> -A inet-fw -p 6 --dport 8443 -j ~log4 -m comment --comment "timeout port
> scanners"
> 
> Tested (now dropped instead of rejected):
> Shorewall:inet-fw:ADD(+IpOne IN=pwrbd OUT=
> MAC=68:05:ca:18:9e:61:a4:4c:11:f8:8e:c0:08:00 S... URGP=0
> Shorewall:inet-fw:DROP:IN=pwrbd OUT=
> MAC=68:05:ca:18:9e:61:a4:4c:11:f8:8e:c0:08:00 SRC=61.... URGP=0
> 
> 
> Now, is there any way to set the Shorewall prefix on this ADD with
> logging tag?  I'd like to get rid of:
> WARNING: Log Prefix shortened to "Shorewall:inet-fw:ADD(+IpPor "
> /etc/shorewall/rules (line 207)
> 
> It only shows once per list, but I don't want to get in the habit of
> ignoring warnings.
> 

Check out the 'LOGTAGONLY' option in shorewall.conf.

> I don't know how to express how much I appreciate your labors so, just
> Thanks:

You are most welcome Bill,

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
