Ok
Thank you, I'll try this.
I was afraid of something like that, so I kept my connection down for some moments, probably long enough :)

Regards,

JM

Shorewall Guy wrote:
JM wrote:
Hello there,

I'd like to understand something.
Today I tried to blacklist one single IP via the /etc/shorewall/blacklist file (+ blacklist option activated on my "net" interfaces + shorewall restarted).
I couldn't block the traffic through my gateway (= my Shorewall).

I saw with iptables a new chain "blacklst", containing one DROP rule with the IP I tried to block. The byte counter didn't increase, but the byte counter for the blacklst chain did.
The traffic (from net -> dmz) was still going on.

So I decided to insert (not append) a DROP rule directly with iptables (in the INPUT chain); still not working. Then I decided to insert the same in the FORWARD chain, and the traffic stopped, which I can understand because it was some traffic "through" the FW.

==> Question: what does the blacklist option do / not do? Not adding in FORWARD? Not adding everywhere, let's say?
Have I done something wrong?

Blacklisting is applied to both INPUT and FORWARD. Your confusion
probably stems from having BLACKLISTNEWONLY=Yes in shorewall.conf. With
that setting, only NEW connections are blocked -- existing connections
continue to work. If you want to be able to use blacklisting to break
existing connections then you must set BLACKLISTNEWONLY=No.

------------------------------------------------------------------------------
This SF.net email is sponsored by:
SourceForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

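The check a practitioner would want after reading the explanation above is to confirm, from the live ruleset, whether the blacklst chain is actually reached from both INPUT and FORWARD and whether that jump is restricted to NEW connections (the BLACKLISTNEWONLY=Yes behaviour that lets an established flow keep running). The script below is an added example, not code from the thread or from the Shorewall project: it audits an iptables-save style dump with nothing more than grep and awk. Both dumps are constructed by hand; the exact `-m state --state NEW` form of the jump is an assumption about what Shorewall emits and may differ between versions, so on a real box run `iptables-save` (or `iptables -nvL INPUT`, `iptables -nvL FORWARD` and `iptables -nvL blacklst`) and compare.

```shell
#!/bin/sh
# Added example: audit whether the Shorewall "blacklst" chain is reached from
# INPUT and FORWARD, and whether the jump is limited to NEW connections.
# Constructed sample dump, modelled on BLACKLISTNEWONLY=Yes (assumption: the
# jump carries "-m state --state NEW"; real Shorewall output may differ).
SAMPLE_DUMP='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:blacklst - [0:0]
-A INPUT -i eth0 -m state --state NEW -j blacklst
-A FORWARD -i eth0 -m state --state NEW -j blacklst
-A blacklst -s 203.0.113.7/32 -j DROP
COMMIT'

# Constructed sample dump, modelled on BLACKLISTNEWONLY=No: the same jumps
# without the state match, so established flows are also checked.
FIXED_DUMP='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:blacklst - [0:0]
-A INPUT -i eth0 -j blacklst
-A FORWARD -i eth0 -j blacklst
-A blacklst -s 203.0.113.7/32 -j DROP
COMMIT'

# blacklist_jump_state CHAIN DUMP
# Prints "none" if CHAIN never jumps to blacklst, "new-only" if every such
# jump is gated on conntrack state NEW, and "all" if at least one jump is
# unconditional with respect to state.
blacklist_jump_state() {
    chain=$1
    dump=$2
    jumps=$(printf '%s\n' "$dump" | grep -- "^-A $chain .*-j blacklst")
    if [ -z "$jumps" ]; then
        echo none
    elif printf '%s\n' "$jumps" | grep -qv -- '--state NEW'; then
        echo all
    else
        echo new-only
    fi
}

# blacklisted_ips DUMP
# Prints the source addresses that blacklst drops, one per line.
blacklisted_ips() {
    printf '%s\n' "$1" | awk '
        $1 == "-A" && $2 == "blacklst" && $0 ~ /-j DROP/ {
            for (i = 1; i <= NF; i++) if ($i == "-s") print $(i + 1)
        }'
}

# existing_flow_blocked CHAIN DUMP
# Answers the question from the thread: will an already-established flow
# traversing CHAIN be dropped by the blacklist? Prints "yes" or "no".
existing_flow_blocked() {
    case $(blacklist_jump_state "$1" "$2") in
        all) echo yes ;;
        *)   echo no ;;
    esac
}

# Report for both dumps when run directly.
for name in SAMPLE_DUMP FIXED_DUMP; do
    eval "dump=\$$name"
    echo "== $name =="
    for chain in INPUT FORWARD OUTPUT; do
        printf '%-8s jump to blacklst: %s; existing flow blocked: %s\n' \
            "$chain" "$(blacklist_jump_state "$chain" "$dump")" \
            "$(existing_flow_blocked "$chain" "$dump")"
    done
    echo "blacklisted: $(blacklisted_ips "$dump" | tr '\n' ' ')"
done
```

The counters JM saw are consistent with this reading: the jump into blacklst was taken (so the chain counter moved) but the state match kept the established net -> dmz flow from ever reaching the DROP rule. Inserting a plain DROP at the top of FORWARD bypassed the state gate, which is why that worked immediately.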