* Richard Creighton <[EMAIL PROTECTED]> [07-17-07 17:05]: > Thank you very much....Obviously despite everything, I must have > fat-fingered something somewhere. After a cut and paste session PLUS a > system reboot (something I very rarely do in Linux), I ended up with: ...
A quick simple solution for one or two... addresses: enable SuSEfirewall-custom and add to /etc/sysconfig/scripts/SuSEfirewall-custom iptables -I INPUT 1 -s <address.as.dotted.quad> -j DROP I now use fail2ban to help keep my logs in tow :^) tail /var/log/fail2ban.log 2007-07-17 15:17:48,638 fail2ban.actions: WARNING [postfix-tcpwrapper] Unban 203.239.102.253 2007-07-17 16:16:59,593 fail2ban.actions: WARNING [postfix-tcpwrapper] Ban 88.233.59.219 2007-07-17 16:21:59,842 fail2ban.actions: WARNING [postfix-tcpwrapper] Unban 88.233.59.219 2007-07-17 17:16:40,567 fail2ban.actions: WARNING [postfix-tcpwrapper] Ban 74.212.33.47 2007-07-17 17:20:11,928 fail2ban.actions: WARNING [postfix-tcpwrapper] Ban 196.12.206.93 2007-07-17 17:21:41,075 fail2ban.actions: WARNING [postfix-tcpwrapper] Unban 74.212.33.47 2007-07-17 17:23:26,242 fail2ban.actions: WARNING [postfix-tcpwrapper] 196.12.206.93 already banned 2007-07-17 17:25:12,589 fail2ban.actions: WARNING [postfix-tcpwrapper] Unban 196.12.206.93 2007-07-17 17:26:43,823 fail2ban.actions: WARNING [postfix-tcpwrapper] Ban 75.73.74.254 2007-07-17 17:31:43,980 fail2ban.actions: WARNING [postfix-tcpwrapper] Unban 75.73.74.254 just added ssh and http filters and stopped denyhosts. Testing phase. I like the basics of fail2ban, and I sense that it will get better. It is packaged by Rauch Christian <[EMAIL PROTECTED]> type = rpm-md name = suser-crauch baseurl = ftp://ftp.gwdg.de/pub/linux/misc/suser-crauch/.... -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
