Re: [Shorewall-users] connection rejection

From: Tom Eastep <teastep_at_nospam>
Date: Mon Aug 09 2010 - 15:27:34 GMT
To: shorewall-users@lists.sourceforge.net

On 8/9/10 8:17 AM, Vieri Di Paola wrote:
>
>
> --- On Mon, 8/9/10, Tom Eastep <teastep@shorewall.net> wrote:
>
>> Shorewall blacklisting blacklists the SOURCE address, not
>> the
>> DESTINATION address. From the 'show connections' output,
>> the original
>> connection was TO 123.123.123.123, not FROM that host.
>>
>> So after blacklisting that IP, you can still connect to
>> it.
>
> Thanks.
> Is there a way to "dynamically" blacklist a destination address? (and "de-blacklist" it)

No.

-Tom
-- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________

------------------------------------------------------------------------------
This SF.net email is sponsored by

Make an app they can't live without
Enter the BlackBerry Developer Challenge
http://p.sf.net/sfu/RIM-dev2dev

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

This message: [ Message body ]
Next message: Trent O'Callaghan: "Re: [Shorewall-users] connection rejection"
Previous message: Vieri Di Paola: "Re: [Shorewall-users] connection rejection"
In reply to: Vieri Di Paola: "Re: [Shorewall-users] connection rejection"
Next in thread: Trent O'Callaghan: "Re: [Shorewall-users] connection rejection"
Reply: Trent O'Callaghan: "Re: [Shorewall-users] connection rejection"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]