On 06/19/2013 11:09 PM, Willy Mularto wrote: > There are massive attacks on specific port, I want to trap and log just the > ip source to this port. Is there anyway to do so with shorewall? Thanks.
No -- but you can rate-limit your logging; for example:
/etc/shorewall/shoreawll.conf:
LOGLIMIT="s:5/min"
This cuts down considerably on the log volume while still identifying
each source IP address.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
