On Tuesday 15 November 2005 04:30, Charles Steinkuehler wrote:
Plus, I think the
place to state src/dst for ports is in the second sentence. I think
something like the following would be more clear:
Thanks for the suggestion -- I've updated both the 2.x and 3.x doc as you
suggest.
-Tom
--
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tom Eastep wrote:
| --
| http://www1.shorewall.net/Documentation.htm#Blacklist
| http://www1.shorewall.net/2.0/Documentation.htm#Blacklist
|
| PORTS
|
| Optional; may
On Saturday 12 November 2005 04:59, Charles Steinkuehler wrote:
|
| What's the right way to do this in shorewall?
Never mind...after testing some blacklist rules (and some sleep!), I
noticed the port specificaitons in the blacklist file are destination
ports, so I can block the above
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tom Eastep wrote:
| On Saturday 12 November 2005 04:59, Charles Steinkuehler wrote:
|
| |
| | What's the right way to do this in shorewall?
|
| Never mind...after testing some blacklist rules (and some sleep!), I
| noticed the port specificaitons in
On Monday 14 November 2005 19:20, Charles Steinkuehler wrote:
Next up...trying to get IPSec working on debian with a patched kernel and
iptables. I've got everything compiled and the kernel even runs (thanks to
tips at the shorewall site!), I just haven't had time to learn the new 2.6
IPSec
On Monday 14 November 2005 19:20, Charles Steinkuehler wrote:
Tom Eastep wrote:
| On Saturday 12 November 2005 04:59, Charles Steinkuehler wrote:
| | What's the right way to do this in shorewall?
|
| Never mind...after testing some blacklist rules (and some sleep!), I
| noticed the port
Tom
Tom Eastep wrote:
...
--
http://www1.shorewall.net/Documentation.htm#Blacklist
http://www1.shorewall.net/2.0/Documentation.htm#Blacklist
PORTS
Optional; may only be given if PROTOCOL is tcp, udp or icmp.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Charles Steinkuehler wrote:
| I'm migrating to a cable-modem internet connection, and am getting all the
| external junk that goes along with the 'shared' nature of this type of link.
|
| I'd like to drop a bunch of junk that's currently getting
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm migrating to a cable-modem internet connection, and am getting all the
external junk that goes along with the 'shared' nature of this type of link.
I'd like to drop a bunch of junk that's currently getting logged, but am not
sure the best way to