J. Bakshi wrote:
>
> Even after the blacklist interval the client can access the server
> successfully; the server still shows the client ip as blacklisted.
> Definitely the ip can be removed or "clear" as described in the man page
> but storing the ip permanently at /proc/net/ipt_recent/blacklist is
> very confusing. How can you then check if the ip is still blacklisted
> or able to communicate with the server in real-life ?

The list just stores source addresses and timestamps (the big numbers, measured in jiffies) of recently seen packets in a FIFO manner. Whether a packet will match the rule with 'recent' depends on its options --seconds and/or --hitcount. So it is up to you to parse the timestamps associated with an address and decide whether this address is blacklisted or not.
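An added example, not part of the original message: a parser for the list file that applies the --seconds/--hitcount test to each address's timestamps. The sample lines are constructed, and the current jiffies value and the kernel HZ are assumptions the caller must supply.

```python
import re

# Constructed sample in the format of /proc/net/ipt_recent/<list>.
SAMPLE = """\
src=192.0.2.10 ttl: 64 last_seen: 4295000000 oldest_pkt: 3 4294990000, 4294995000, 4295000000
src=192.0.2.20 ttl: 57 last_seen: 4294900000 oldest_pkt: 1 4294900000
"""

LINE_RE = re.compile(
    r"src=(\S+) ttl: (\d+) last_seen: (\d+) oldest_pkt: (\d+)\s*(.*)")


def parse_recent(text):
    """Return {address: [timestamps in jiffies]} for each list entry."""
    entries = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip blank or unrecognised lines
        entries[m.group(1)] = [
            int(s) for s in m.group(5).replace(",", " ").split()]
    return entries


def would_match(stamps, now_jiffies, hz, seconds=0, hitcount=0, word_bits=64):
    """Decide whether a rule with --seconds/--hitcount would still match.

    now_jiffies and hz are assumptions supplied by the caller; word_bits is
    the width of the kernel's jiffies counter (use 32 on a 32-bit kernel).
    """
    mask = (1 << word_bits) - 1
    window = seconds * hz          # --seconds converted to jiffies
    hits = 0
    for stamp in stamps:
        age = (now_jiffies - stamp) & mask   # tolerate counter wraparound
        if seconds and age > window:
            continue               # packet seen too long ago to count
        hits += 1
    # Without --hitcount, one timestamp inside the window is enough.
    return hits >= max(hitcount, 1)


def blacklisted(text, now_jiffies, hz, seconds=0, hitcount=0):
    """Map every address in the list to its current match status."""
    return {ip: would_match(stamps, now_jiffies, hz, seconds, hitcount)
            for ip, stamps in parse_recent(text).items()}
```

An address that appears in the file but maps to `False` is only a stale entry: the rule no longer matches it, which is the situation described in the question.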