On 06/24/2013 07:01 AM, Ruth Ivimey-Cook wrote:
> Hi
>
> I recently coded this line into my gateway's crontab:
>
> /sbin/shorewall restart && /sbin/shorewall drop `awk
> '/Shorewall:FORWARD:REJECT:IN=ppp0 OUT=ppp0 MAC= SRC=/ { print $10;}'
> /var/log/syslog /var/log/syslog.1 |sort -u |cut -c5-`
>
> with the intention that attempts to forward through my node were likely
> from compromised machines and dropping connections from them might
> prevent other bad things happeneing as well.
>
> Is this a good thing to do?
> Is there a better way?Have you ever actually caught any traffic using that approach? -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
