On 7/27/05, Nagy Zoltan <kirk@xxxxxxx> wrote: > i've read 1-3 the files, i think your problem is a skip of the "update" (my english is really bad ;) > because your --update lines have other condition like:seconds and rate > the attacking machine when it begins to send those packets, recent knows nothing about him, it will be enlist with a --set match > and then you don't update it's record with a single --update, so it can't reach the hitcount :) 2 and 3 have --set during the rule in the INPUT chain that jumps to the custom chain. On 7/27/05, Marius Mertens <marius.mertens@xxxxxx> wrote: > problem. The only positive about it: I finally gave up debugging it, and as > silently as it came, the problem disappeared. Everything is working fine > again. With a still unchanged ruleset of course ;-) If this is not the result of something dumb we're doing, there's probably a bug that should be squirreled out. Intermittent problems in security software are bad. Still, iptables has been so stable that I'm thinking it's likely my fault. =P I'll keep poking at it when I have a moment.
