-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 03/01/2017 05:32 AM, Scott Beane wrote: > I.Version 5.1.1 Kernel 3.10.0-514.6.2.el7.x86_64 >
> > IV. A detailed description of your problem: > > Since last update to 5.1.1, blrules stopped functioning, or at > least there are no log entries showing drops and no debug enties. > Only drops are sourced from rules directives. Note that the > following command is used to refresh blrules: "//usr/sbin/shorewall > refresh -n/ " Since our blrules file contains smtp ips, it has been > an active drop log and helps significantly in reducing the load on > our smtp server. > > 1. Typical content of "blrules" file: > > ## Sun, 26 Feb 2017 22:08:01 -0500 > mtn-zm-213-193-032-035.mtnbusiness.co.zm. ## 42 smtp REJECTED or > LOST Connections email address attempts. BLACKLIST > all:213.193.32.35 all > > 2. _Typical content from: shorewall show bl_ pkts bytes target > prot opt in out source destination 0 0 BLACKLIST all > -- * * 213.193.32.35 0.0.0.0/0 [goto] 3 180 BLACKLIST > all -- * * 172.93.133.0/24 0.0.0.0/0 [goto] This rule should have generated 3 log messages. > > 3. _All Blacklist related configuration file entries -_ grep -i > blacklist /etc/shorewall/shorewall.conf |grep -v '#' > > BLACKLIST_LOG_LEVEL=debug BLACKLIST_LOGLEVEL=debug > BLACKLIST_DEFAULT=Drop:info BLACKLIST="NEW,INVALID,UNTRACKED" > DYNAMIC_BLACKLIST=Yes BLACKLIST_DISPOSITION=DROP > > 4. interfaces file: > > ############################################################################### > > ?FORMAT 2 > ############################################################################### > > #ZONE INTERFACE OPTIONS > mails enp5s0 > logmartians=1,arp_filter,arp_ignore=2,nosmurfs,tcpflags loc > enp4s0f+ nosmurfs,tcpflags #LAST LINE -- ADD YOUR > ENTRIES BEFORE THIS ONE -- DO NOT REMOVE > Do you recall the Shorewall version that you used prior to 5.1.1? Thanks, - -Tom - -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJYtv8KAAoJEJbms/JCOk0QZAQQAKW2B7DgQGxk1rMsJPcU8xI3 6Cl+zDHCoe39zO+X3GoZI/5D0VYSpOBgQKwuYiizrpd+o1ux08cwVnNtX8i/u9EK bTKtTZk51l5UnzD/zHIAmD9COorRl6UwPvanSkMriTPiXNpfOsMwf12RvNiOzxey IzbXzdIqRJTWWDlkyZfkZBaNT729fJ02D/IrAQNdZADfczmIZKEp5jisAelPwsGL jtM/rGxqiBQluFzWL1FL/lYc7vKfRF6eIKPmRKZQYBF87LE4dmLlwJKLnU1Ov+aI oMRr/tma5NPkC7dQBeUBm2E0Sr40yY4sMx14dDKd5A2miInrjzYLIcaYPFpNGxlh Jqc1mB5RLqFYZHloAGC37mUJ4MjcXdRPQAiw1IcTbpTRU/uuSild6H7XwMwQ9I9i HZ0WnU7iAIZlJstpj0Gr2CRmIguwUeeK2lsBJ/fPysSJAX26UJ8u9WDDDwqIoLvU 7jZdAz/Dj3kVePUnk//F0sgY4GcXkeuuaJbGmmWXjY3jQi8YphEyyELRyeRVhSNY yLZ2Vc+KxOPPioaU714xb47jZ3K/sqZGcP/8OSFX7/2V39lfTqAxX7sty+YhO25R OWWKnij12NPzKjkBV47ooNE6U6Eh6k7ER4h+1ujcydS49B3CRCgVGQrMWtOWQZu0 ULEm33KSzVYX+q6lo90x =HbOb -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
