Hello all, I'm believe I'm currently being scanned on one of my LEAF routers (this one is still an EigerStien I think), all from a single ip. It of course is filling up my logs, and eventually stops my dhcpd server. The log analyser at http://www.echogent.com/cgi-bin/fwlog.pl from this packet
Oct 10 20:48:57 isdnfirewall kernel: Packet log: remote DENY eth0 PROTO=6 216.224.239.106:58047 209.251.232.19:135 L=44 S=0x00 I=9912 F=0x4000 T=107 SYN (#9) gives this response You're very likely under attack here. I used to have the syntax to completely block a single ip, but I seem to have lost it, and my searches have come up empty. Can someone give me the syntax to block this offender ? I don't mind only plugging it in at the command line - this router gets rebooted only every 6 months or so - by that time, the person may have lost interest. Doug ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
