On 01/06/2018 04:57 PM, Colony.three via Shorewall-users wrote:
> So I told the doctor, "Doc, when I move my arm this way, it hurts." The
> doc says, "well then don't move your arm this way."
>
> You're better than that Tom, although you may not admit it. Maybe
> you're angry with me for my frustration over Strongswan, but that is not
> relevant anymore. This no longer has anything to do with Strongswan.
>
> There are a hundred million bots trying everything on common ports, with
> known vulns as well as zero-days. They can not try every port so 99% of
> them concentrate on the low-hanging fruit. I am in enterprise infosec,
> and security is layering.
>
> It would be best if I could change this port, and there is some reason
> that my packets are getting torn up. Maybe you don't have the answer
> but maybe someone will recognize the merit of this effort and will pitch
> in. This is the only place to ask about the mechanics of Shorewall
> after all.
>
I admit that this is one of the few of your 50+ posts in the last two
weeks that directly relates to Shorewall, but I'm afraid that I couldn't
write a DNAT rule that shortens the payload of a packet if I tried. So I
have no clue what is going on in this case.

Have you tried comparing the packets arriving from the net with those
being sent to the IPSEC endpoint?

-Tom
-- 
Tom Eastep        \   Q: What do you get when you cross a mobster with
Shoreline,         \     an international standard?
Washington, USA     \ A: Someone who makes you an offer you can't
http://shorewall.org \   understand
                      \_______________________________________________
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users