On 10/5/20 8:49 PM, Bruce Bannerman wrote: > Hello everyone, > > I’m getting an annoying number of smtp connection attempts from a > specific IP address that has been going on for weeks now (several per > minute). > > I’m currently dropping these packets using a shorewall rule. > > I’m thinking of setting up a tarpit to try to discourage the unwanted > smtp attempts. > > Can someone point me to any appropriate documentation to do this? > > > I have seen the TARPIT sections in: > > * The man page for rules [1] > * Tom’s Network config [2] > > > I also tried to search the mailing list archives at [3], but get an > "Error 523”, Origin is unreachable. > > > To date, I have added the following line in my rules file: > > "TARPIT net:<static IP> dmz:$E_SMTP > tcp smtp" > > When I run shorewall check, it gives me the following error: > > "ERROR: TARPIT requires TARPIT Target in your kernel and iptables > /etc/shorewall/rules (line 40)” > > > > My Shorewall version is 5.2.3.2 > > Debian Stable 10.6 >
TARPIT requires xtables-addons which is no longer available in Debian 10. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster Shoreline, \ with an international standard? Washington, USA \ A: Someone who makes you an offer you http://shorewall.org \ can't understand \________________________________________ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users