On Sun, 2010-02-14 at 15:09 -0500, Brian Schang wrote: > Tom: > > On 2/14/2010 12:19 PM, Tom Eastep wrote: > > >> I've looked through the help files and examples, but they seem to apply > >> to ACCEPT rules, not DROP rules. Is there a way to extend log limiting > >> to DROP also? > > > > /etc/shorewall/actions: > > > > LogLimit > > > > /etc/shorewall/action.LogLimit: > > > > #TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/ > > # PORT PORT(S) LIMIT GROUP > > LOG:info - - - - - 1/hour:1 > > DROP > > > > /etc/shorewall/rules: > > > > LogLimit net fw udp 59695 > > Worked like a charm. Thank you. But what I really wanted was to get a > log message from each IP address that tried to connect to UDP port > 59695, but limited to one log entry per IP per hour.
In /etc/shorewall/action.LogLimit LOG:info - - - - - s:1/hour:1 -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW http://p.sf.net/sfu/solaris-dev2dev
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
