Hello--
I have FLUSH_IPT_AT_INIT set to N;
mainly because, as I play with psad, I find
myself tweaking the config file and restarting,
and I don't really want to lose the current
entries.
I found that I had a long list of blocks
from a subnet that I determined, after investigation,
that I should not be blocking.
So, I added an entry to the auto_dl file
for that subnet and a port range. A restart
of psad did not remove those blocks; I had
to do a -F and get rid of all blocks... wouldn't
it be nice to remove at startup, all bans that
conflict with auto_dl? And NOT lose all the other
entries collected?
murf
--
Steve Murphy
ParseTree Corporation
57 Lane 17
Cody, WY 82414
✉ murf at parsetree dot com
☎ 307-899-5535
_______________________________________________
psad-discuss mailing list
psad-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/psad-discuss
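
Added example, not part of the original post and not psad's own code: one way to do the cleanup requested above by hand, by comparing the currently blocked addresses against the danger-level-0 entries in auto_dl and emitting a `psad --fw-rm-block-ip` command for each conflict only. The sample auto_dl text, the blocked-address list and all function names are constructed for illustration; it assumes the blocked addresses have already been collected into a list.

```python
import ipaddress
import re

# Constructed auto_dl sample: <IP or network> <danger level> [proto[/ports]];
SAMPLE_AUTO_DL = """\
192.0.2.0/24      0    tcp/1-1024;
198.51.100.7      0;
203.0.113.9       5;
"""
# Constructed list of source addresses currently in the blocking chains.
SAMPLE_BLOCKED = ["192.0.2.15", "192.0.2.200", "198.51.100.7",
                  "203.0.113.9", "203.0.113.50"]

ENTRY_RE = re.compile(r"^(\S+)\s+(\d)\s*(\S+)?\s*;")


def ignored_networks(auto_dl_text):
    """Return the networks that auto_dl marks with danger level 0 (ignore)."""
    nets = []
    for line in auto_dl_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m or line.lstrip().startswith("#"):
            continue
        if int(m.group(2)) != 0:
            continue  # levels 1-5 set a danger level; they are not exemptions
        try:
            nets.append(ipaddress.ip_network(m.group(1), strict=False))
        except ValueError:
            continue  # skip anything that is not an IP or CIDR
    return nets


def conflicting_blocks(blocked_ips, nets):
    # Assumption: a block covers the whole source address, so the optional
    # proto/ports part of the auto_dl entry is not considered.
    return [ip for ip in blocked_ips
            if any(ipaddress.ip_address(ip) in net for net in nets)]


def removal_commands(blocked_ips, auto_dl_text):
    """One removal command per conflicting block; other blocks are left alone."""
    nets = ignored_networks(auto_dl_text)
    return ["psad --fw-rm-block-ip " + ip
            for ip in conflicting_blocks(blocked_ips, nets)]
```

Blocks that match no level-0 entry (here 203.0.113.9 and 203.0.113.50) produce no command, so the rest of the collected entries stay in place.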