Re: [Shorewall-users] blacklist if connection attempt on unused port

2017-01-18 Thread Tom Eastep
On 01/18/2017 10:17 AM, Nigel Aves wrote:
> Just tested your fix. Everything seems to be working perfectly from
> the outside and the inside.

Glad to hear that it is working, Nigel. Beginning with Shorewall 5.1.1, you will be able to specify

Re: [Shorewall-users] blacklist if connection attempt on unused port

2017-01-18 Thread Nigel Aves
Tom, Just tested your fix. Everything seems to be working perfectly from the outside and the inside. Many Thanks, Nigel.

On 1/18/2017 10:12 AM, Tom Eastep wrote: On 01/18/2017 07:01 AM, Nigel Aves wrote: I've become a little stuck on

Re: [Shorewall-users] blacklist if connection attempt on unused port

2017-01-18 Thread Tom Eastep
On 01/18/2017 07:01 AM, Nigel Aves wrote:
> I've become a little stuck on setting up ipset correctly. I
> followed the instructions from an email as follows:
>
> DYNAMIC_BLACKLIST=ipset-only,timeout=3600::info
>
> and in Rules at end
>

Re: [Shorewall-users] blacklist if connection attempt on unused port

2017-01-18 Thread Nigel Aves
I've become a little stuck on setting up ipset correctly. I followed the instructions from an email as follows: DYNAMIC_BLACKLIST=ipset-only,timeout=3600::info and in Rules at end ADD(SW_DBL4:src)net$FW and after some testing everything seemed to be working all OK. Using

Re: [Shorewall-users] blacklist if connection attempt on unused port

2016-12-01 Thread Nigel Aves
Vieri, Thank you for your help. I'm running Shorewall 5.0.8.2-1.el7, so that explains it. Typically I prefer to use the updates as they become "official" in the repositories. (I'm no Linux expert :) and I use Webmin / Virtualmin to help me keep the system running ). I'll hold off for the

Re: [Shorewall-users] blacklist if connection attempt on unused port

2016-11-30 Thread Vieri Di Paola
- Original Message - From: Nigel Aves
> But following this post, when I try and change "DYNAMIC_BLACKLIST" it always
> errors out. (Tried both solutions in email)
>
> ERROR: Invalid value (ipset-only,timeout=3600::info) for DYNAMIC_BLACKLIST
>
> or
>

Re: [Shorewall-users] blacklist if connection attempt on unused port

2016-11-30 Thread Nigel Aves
I was trying to implement this "ipset" solution and I keep hitting a brick wall. I'm no expert on this, so I was hoping for some guidance. I have searched and searched trying to find the solution but to no avail. In the Shorewall dump I have the following (which from some documentation seems

Re: [Shorewall-users] blacklist if connection attempt on unused port

2016-11-30 Thread Vieri Di Paola
- Original Message - From: Tom Eastep
> First, remove the ADD rules from /etc/shorewall/rules.
>
> You can then copy action.Drop to /etc/shorewall/ and then add this to
> the copy as the last line:
>
> ADD(SW_DBL4:src)

Unfortunately, private IP addresses from

Re: [Shorewall-users] blacklist if connection attempt on unused port

2016-11-30 Thread Tom Eastep
On 11/30/2016 03:41 AM, Vieri Di Paola wrote:
> - Original Message - From: Tom Eastep
>> Configure ipset-based dynamic blacklisting:
>> DYNAMIC_BLACKLIST=ipset-only,timeout=3600::info then put this at
>> the

Re: [Shorewall-users] blacklist if connection attempt on unused port

2016-11-30 Thread Vieri Di Paola
- Original Message - From: Tom Eastep
> Configure ipset-based dynamic blacklisting:
> DYNAMIC_BLACKLIST=ipset-only,timeout=3600::info
> then put this at the bottom of your rules:
> ADD(SW_DBL4,src)net$FW

I seem to have a few issues with the ipset-based

Re: [Shorewall-users] blacklist if connection attempt on unused port

2016-11-28 Thread Vieri Di Paola
From: Tom Eastep
> Configure ipset-based dynamic blacklisting:
>
> DYNAMIC_BLACKLIST=ipset-only,timeout=3600::info
>
> then put this at the bottom of your rules:
>
> ADD(SW_DBL4,src)net$FW

I believe the separator is : instead

Re: [Shorewall-users] blacklist if connection attempt on unused port

2016-11-27 Thread Mark D. Montgomery II
Quoting Vieri Di Paola : Hi, Suppose I have rules such as: ACCEPT net $FW tcp 80,443 DNAT net loc:IP tcp 3389 [...etc...] I'd like to automatically/dynamically blacklist all IP addresses of hosts that try to connect to any other unlisted port (eg. port tcp

Re: [Shorewall-users] blacklist if connection attempt on unused port

2016-11-27 Thread Tom Eastep
On 11/25/2016 07:12 AM, Vieri Di Paola wrote:
> Hi,
>
> Suppose I have rules such as:
>
> ACCEPT net $FW tcp 80,443
> DNAT net loc:IP tcp 3389
> [...etc...]
>
> I'd like to automatically/dynamically blacklist all IP addresses of
> hosts that try to