Wow Lots of good responses in a hurry. Thank you.
First, I have many systems and when somebody attacks, I want to close the network off to that IP, not just a single machine. That implies that I can not use IPTABLES directly. Though I did give thought to adding that type of rule to all systems. It turns out that is not a good choice because some of my systems are not Linux. Using Zenoss command, I have no problem parsing the actual syslog message and converting that to a source IP address. So, I'm now in the position that a script is running under vbash on the OFR. I guess that I was looking for was more in line with the CLI commands within the script to actual effect the firewalling. I.e. configure set firewall .... commit exit Under the webgui of VC3 I remember that there was a way to make a list of addresses to add to a firewall rule, I've not found that under VC4. Sorry if this is a bit disjoint. Best, -Chris
_______________________________________________ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users