Tom, it works perfectly. I'm sorry, I was wrong on my tests as you said. I've just tested LOIC against my Shorewall and it dropped and logged perfectly.
Thanks for your time and thanks for Shorewall, I'm really enjoying it. Best regards! 2012/4/30 Tom Eastep <[email protected]>: > On 4/30/12 12:09 PM, Pau Beltrán wrote: >> Sorry Tom, I sent you the dump without testing before. Now I attach a >> dump with previous testing connecting from 192.168.1.4 to port 80 with >> a new discover... >> >> It realized, playing with the shorewall show nat, that the number of >> packets of the counter matches with what the limit is suposed to do, >> it looks like the limit its working. The strange thing is that the >> requested HTTP page that I'm connecting to its updated everytime. I >> press F5 at a higher rate, giving me a diferent timestamp on every >> request. A diferent timestamp shows me that cache is not acting and >> the request reaches its destination (192.168.2.2). In other words, I >> press F5, I get a fresh page in response but "shorewall show nat" >> counters remains at the same value. I wait a few seconds, hit F5 >> again, get a fresh page and the counter is increased. >> >> It seems that the rate-limit works cutting the DNAT rule (as the >> counter shows), but the request reaches its destination anyway. I >> can't understand why... I put the "public" ip of the firewall in the >> browser (192.168.1.135). Only a DNAT rule can take me to 192.168.2.2. > > Your browser doesn't close the connection immediately. So hitting F5 > doesn't necessarily create a new connection. Remember that rate-limiting > only affect *new connections*. > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users > ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
