Karsten Bräckelmann wrote:
On Mon, 2008-04-21 at 07:01 -0700, Tom Eastep wrote:SSH/Limit:warning:SSHA,3,500 net $FW This line logs only if the limit is reached.I would like to log with INFO level in any case, and with WARNING level in case of limit reaching.What about adding a Logging rule before the Limit? LOG:info net fw tcp ssh The existing Limit rule does the warning level logging already. The Logging rule will log all connections with level info in any case, just as you want. Note that this includes reaching the limit, if you have it before the Limit rule.You will have to write your own version of 'Limit' that does what _you_ want it to do.Did I overlook something? ;)
No -- I did. I thought the OP wanted one or the other log messages, but not both. Your approach is correct given that both messages are acceptable in an over-limit condition.
Thanks, -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
