Many thanks Matt. I’ll give it a try tomorrow.
Kind regards, Bruce > On 6 Oct 2020, at 16:54, Matt Darfeuille <[email protected]> wrote: > > On 10/6/2020 5:49 AM, Bruce Bannerman wrote: >> Hello everyone, >> >> I’m getting an annoying number of smtp connection attempts from a specific >> IP address that has been going on for weeks now (several per minute). >> >> I’m currently dropping these packets using a shorewall rule. >> >> I’m thinking of setting up a tarpit to try to discourage the unwanted smtp >> attempts. >> >> Can someone point me to any appropriate documentation to do this? >> >> >> I have seen the TARPIT sections in: >> >> The man page for rules [1] >> Tom’s Network config [2] >> >> I also tried to search the mailing list archives at [3], but get an "Error >> 523”, Origin is unreachable. >> >> >> To date, I have added the following line in my rules file: >> >> "TARPIT net:<static IP> dmz:$E_SMTP >> tcp smtp" >> >> When I run shorewall check, it gives me the following error: >> >> "ERROR: TARPIT requires TARPIT Target in your kernel and iptables >> /etc/shorewall/rules (line 40)” >> >> > > You at least need the xtables-addons (xtables-addons-dkms on Debian) to > get the TARPIT Target. > > -- > Matt Darfeuille <[email protected]> > Community: https://sourceforge.net/p/shorewall/mailman/message/37107049/ > SPC: https://sourceforge.net/p/shorewall/mailman/message/36596609/ > Homepage: https://shorewall.org > > > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
