On 9/16/10 10:17 AM, Tom Eastep wrote: > On 9/16/10 9:42 AM, Brian J. Murrell wrote: > >> What I think would be nice is a "shorewall blacklist <ip>" command that >> simply populates a table on a running shorewall[-lite] system (like drop >> does currently) but also stores that IP (on the the shorewall-lite >> system if that's the case) where a restore/restart reads the list and >> applies them to the blacklist. >> >> This way I get permanence, light-weight additions and additions that can >> be done without visiting the shorewall-lite machine. >> >> Thots? > > The dynamic blacklist has been preserved across stop/start and restart > since 4.4.11.
My bad -- it's only preserved across restart. But it is easy to extend it to stop as well. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
