On 12/10/20 6:02 AM, Benny Pedersen via Shorewall-users wrote:
>
> Dec  9 18:15:50 localhost kernel: net-fw LOG IN=eth0 OUT=
> MAC=f2:3c:92:3b:15:1e:50:87:89:40:a1:c1:08:00 SRC=10.224.98.88
> DST=wan-ip LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=21571 PROTO=TCP SPT=52652
> DPT=service-port WINDOW=0 RES=0x00 RST URGP=0
>
> what am i missing in shorewall to stop it ?
>
> wan-ip is my server ip
> service-port is my service, changed to not let it be too easy to continue
> the problem
>
If it is coming from a single address or sub-network, you can simply
blacklist the SOURCE. Otherwise, just add a DROP rule that silently
drops the traffic from net->fw:

    DROP    net    fw    tcp    service-port

-Tom
-- 
Tom Eastep        \   Q: What do you get when you cross a mobster
Shoreline,         \     with an international standard?
Washington, USA     \ A: Someone who makes you an offer you
http://shorewall.org \   can't understand
                      \________________________________________
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
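
An added example, not part of the original thread or of Shorewall: a small Python script that tallies the sources of logged `net-fw` TCP RST packets to help choose between the two options in the reply (blacklist one source, or add the general DROP rule). The sample log lines are constructed, and treating "sub-network" as a /24 is an assumption of this example.

```python
import ipaddress
from collections import Counter

# Constructed sample in the format of the quoted log entry; addresses are
# documentation ranges and DPT=8443 is a made-up service port.
_HEAD = "Dec  9 18:15:50 localhost kernel: net-fw LOG IN=eth0 OUT="
_TAIL = "LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=21571 PROTO=TCP SPT=52652 DPT=8443"
SAMPLE_LOG = "\n".join([
    f"{_HEAD} SRC=192.0.2.88 DST=203.0.113.5 {_TAIL} WINDOW=0 RES=0x00 RST URGP=0",
    f"{_HEAD} SRC=192.0.2.88 DST=203.0.113.5 {_TAIL} WINDOW=0 RES=0x00 RST URGP=0",
    f"{_HEAD} SRC=192.0.2.91 DST=203.0.113.5 {_TAIL} WINDOW=0 RES=0x00 RST URGP=0",
    f"{_HEAD} SRC=192.0.2.88 DST=203.0.113.5 {_TAIL} WINDOW=0 RES=0x00 RST URGP=0",
    f"{_HEAD} SRC=198.51.100.7 DST=203.0.113.5 {_TAIL} WINDOW=64240 RES=0x00 SYN URGP=0",
])

def parse_line(line):
    """Split a netfilter LOG line into key=value fields and bare flags (RST, SYN, ...)."""
    tokens = line.partition("kernel: ")[2].split()
    fields, flags = {"PREFIX": tokens[0] if tokens else ""}, set()
    for tok in tokens[1:]:
        key, sep, value = tok.partition("=")
        if sep:
            fields[key] = value      # "OUT=" yields an empty value
        else:
            flags.add(tok)           # bare tokens such as LOG, RST, SYN
    return fields, flags

def rst_sources(log_text, prefix="net-fw"):
    """Count logged TCP RST packets per source address for one log prefix."""
    counts = Counter()
    for line in log_text.splitlines():
        fields, flags = parse_line(line)
        if (fields["PREFIX"] == prefix and fields.get("PROTO") == "TCP"
                and "RST" in flags and "SRC" in fields):
            counts[fields["SRC"]] += 1
    return counts

def suggest(counts, prefixlen=24):
    """Pick between the two options from the reply (the /24 width is an assumption)."""
    if not counts:
        return "no matching packets"
    if len(counts) == 1:
        return f"blacklist source {next(iter(counts))}"
    nets = {ipaddress.ip_network(f"{ip}/{prefixlen}", strict=False) for ip in counts}
    if len(nets) == 1:
        return f"blacklist source {nets.pop()}"
    return "add rule: DROP net fw tcp service-port"

if __name__ == "__main__":
    tally = rst_sources(SAMPLE_LOG)
    print(dict(tally), "->", suggest(tally))
```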