Hi all, Here we have a debian firewall with 3 interfaces (in, out & dmz) running ipchains.
Now we are facing a problem: some people are making 'automated searches' on our www server -an ugly IIS5 :), and we intend to block this kind of search. I was thinking about blocking it on the firewall, this way: regularly I would collect some stats about the traffic, and if some client IP reaches a 'limit', I would re-run the firewall script and block that IP. Well, here goes my ask for help: can anybody give me some simple clues on how to collect those stats? I really don't know a lot about ipchains, but can it do the job? How? Or will I need another package like ipac or something? What I really need is something like a file with three fields, "Client IP, Time elapsed, Number of bytes" that I can process. I tried ipac, but it seemed so difficult to me to use it... Thanks in advance. -- __________________________________________________________ Sign-up for your own FREE Personalized E-mail at Mail.com http://www.mail.com/?sr=signup One click access to the Top Search Engines http://www.exactsearchbar.com/mailcom
