Re: [Shorewall-users] Adding ctstate ESTABLISHED for dynamic blacklisting

Wed, 17 Jul 2013 22:44:10 -0700 

I didn't know I could do that:
Established(Continue)
Very nice.

Unfortunately I don't think the Blacklist option is available in 4.5.4.

I did read in the docs that setting blacklistnewonly=Yes can significantly
slow down the firewall if the blacklist file is large.

A bit unfortunate.  Perhaps i'll leave blacklistnewonly=true and remember
to kill established connections. Sort of a hassle sometimes... when killing
the connection isn't as easy as just killing the pid.

What would be ideal is when shorewall drop is called it would add  the ip
to the dynamic chain and ALSO kill the nf_conntrack connection.
On Jul 17, 2013 10:11 PM, "Tom Eastep" <[email protected]> wrote:

>
>
> Sent from my iPad
>
> On Jul 17, 2013, at 7:17 PM, johnny bowen <[email protected]> wrote:
>
> > Shorewall Version 4.5.4
> >
> > Yes that will do just fine.
> > However it might be nice to have a separate option for dynamic
> > blocking that defaults to BLACKLISTNEWONLY=No.
> >
> > like
> > BLACKLISTDYNAMICNEWONLY=No
> >
> > Thanks again.. I'll just use that for now.
>
> You can always set BLACKLIST=NEW,ESTABLISHED, then make your first blrules
> entry
>
>      Established(CONTINUE)
>
> Tom
>
> ------------------------------------------------------------------------------
> See everything from the browser to the database with AppDynamics
> Get end-to-end visibility with application monitoring from AppDynamics
> Isolate bottlenecks and diagnose root cause in seconds.
> Start your free trial of AppDynamics Pro today!
> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>

------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to