On 08/21/2015 11:56 AM, Seth Bardash wrote:
> In an effort to limit DNS hits I added this to the rules file:
>
> AutoBL(NS1,30,20,-,1200,DROP,err) net dmz:192.168.3.XXX udp 53 ## Auto Blacklist NS1
> AutoBL(NS2,30,20,-,1200,DROP,err) net dmz:192.168.3.XXY udp 53 ## Auto Blacklist NS2
> AutoBL(NS3,30,20,-,1200,DROP,err) net dmz:192.168.3.XXZ udp 53 ## Auto Blacklist NS3
> AutoBL(NS4,30,20,-,1200,DROP,err) net dmz:192.168.3.XXA udp 53 ## Auto Blacklist NS4
>
> I also set up the DNS servers for no recursion and rate-limit of
> 5. This gets me to reject most of the packets but I would like to
> stop them at the firewall.
>
> It works and does what it is supposed to but I want to limit or
> eliminate the AutoBL and the %AutoBL entries in the shorewall log.
>
> I tried:
>
> AutoBL(NS1,30,20,-,1200,DROP,err):none net dmz:192.168.3.XXX udp 53 ## Auto Blacklist NS1
>
> but this does not do anything.
>
> Any help with syntax would be appreciated.

AutoBL(NS1,30,20,-,1200,DROP,none) ...

-Tom
--
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
