On 15/2/23 03:31, Justin Pryzby wrote:
On Tue, Feb 14, 2023 at 02:14:58PM +0100, Yassine Chaouche wrote:
On 2/13/23 at 3:16 PM, Simon Matter wrote:
Hi Yassine,
Isn't it possible that all the requests you see are coming in over the
already established TCP connection? I guess only new connections will then
be blocked.
You could check if there's an active connection with netstat, or check
with tcpdump if there are new connections being created.
I suggest using the conntrack tool to list active *or expected/related*
connections, and to terminate them. It's a part of netfilter.
Another option, if established connections are the problem, is to use
BLACKLIST=ALL in shorewall.conf; be sure to read
https://shorewall.org/manpages/shorewall.conf.html about the caveats.
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
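
An added example, not part of the original thread: one way to check whether a blacklisted host still holds ESTABLISHED flows, by filtering `conntrack -L` output on the original-direction source only (each entry also carries a reply tuple, so a plain grep for the address also matches outbound connections to it). The function names, the addresses and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: list ESTABLISHED TCP flows that a blacklisted host opened.
# Reads `conntrack -L` text on stdin; $1 is the address to look for.
established_from() {
    awk -v ip="$1" '
        $1 == "tcp" && $4 == "ESTABLISHED" {
            src = ""; dport = ""
            # Each entry has two tuples (original, then reply). Keep only the
            # first src= and dport=, i.e. the direction that opened the flow.
            for (i = 5; i <= NF; i++) {
                if (src == ""   && $i ~ /^src=/)   src   = substr($i, 5)
                if (dport == "" && $i ~ /^dport=/) dport = substr($i, 7)
            }
            if (src == ip) print src " -> dport " dport
        }'
}

# Constructed sample in `conntrack -L` layout (documentation addresses):
# line 1 inbound and established, line 2 inbound but TIME_WAIT,
# line 3 an outbound flow *to* the same host, line 4 an unrelated host.
sample_conntrack() {
cat <<'EOF'
tcp      6 431999 ESTABLISHED src=203.0.113.7 dst=192.0.2.10 sport=51514 dport=25 src=192.0.2.10 dst=203.0.113.7 sport=25 dport=51514 [ASSURED] mark=0 use=1
tcp      6 86 TIME_WAIT src=203.0.113.7 dst=192.0.2.10 sport=51200 dport=25 src=192.0.2.10 dst=203.0.113.7 sport=25 dport=51200 [ASSURED] mark=0 use=1
tcp      6 431990 ESTABLISHED src=192.0.2.10 dst=203.0.113.7 sport=40022 dport=443 src=203.0.113.7 dst=192.0.2.10 sport=443 dport=40022 [ASSURED] mark=0 use=1
tcp      6 431000 ESTABLISHED src=198.51.100.4 dst=192.0.2.10 sport=40100 dport=22 src=192.0.2.10 dst=198.51.100.4 sport=22 dport=40100 [ASSURED] mark=0 use=1
EOF
}

sample_conntrack | established_from 203.0.113.7

# On the firewall itself (as root), the same check against the live table,
# then removal of that host's tracked entries:
#   conntrack -L -p tcp 2>/dev/null | established_from 203.0.113.7
#   conntrack -D -s 203.0.113.7
```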