Re: Problem with log which are corrupted and need help with hitcount and FORWARD rules

**********************************************************************************************
> Just mean gateway/firewall server that all the traffic passes through.
>
> No doesn't work ... The port is blocked when I try these rules (copy
> of the INPUT rules) :
>
> iptables -A FORWARD -i eth1 -p tcp -m tcp --dport 443 -m state --state
> NEW -m recent --set
> iptables -A FORWARD -i eth1 -p tcp -m tcp --dport 443 -m state --state
> NEW -m recent --update --seconds 600 --hitcount 1 -j DROP

You've got a hitcount of 1. Don't you mean 10 as you had in your first
set of rules?

> And sorry but I have never used a mailing list. I don't know how it
> works exactly :(

No problem, but please don't put your reply at the top. Put it either
within or at the bottom of the quoted email, just like I have for this
email. It makes it easier for other people to follow the conversation if
they've joined late or are reading it in the archives :)
**********************************************************************************************

Yes it's for a test. The first time should work, the second request
should be blocked for 600 sec.
But it never blocks the connection, so it doesn't work :(

I don't choose... I receive an email and reply ...


On 10/22/11, Andrew Beverley <andy@xxxxxxxxxxx> wrote:
> On Sat, 2011-10-22 at 17:11 +0200, Azerty Ytreza wrote:
>> Just mean gateway/firewall server that all the traffic passes through.
>>
>> No doesn't work ... The port is blocked when I try these rules (copy
>> of the INPUT rules) :
>>
>> iptables -A FORWARD -i eth1 -p tcp -m tcp --dport 443 -m state --state
>> NEW -m recent --set
>> iptables -A FORWARD -i eth1 -p tcp -m tcp --dport 443 -m state --state
>> NEW -m recent --update --seconds 600 --hitcount 1 -j DROP
>
> You've got a hitcount of 1. Don't you mean 10 as you had in your first
> set of rules?
>
>> And sorry but I have never used a mailing list. I don't know how it
>> works exactly :(
>
> No problem, but please don't put your reply at the top. Put it either
> within or at the bottom of the quoted email, just like I have for this
> email. It makes it easier for other people to follow the conversation if
> they've joined late or are reading it in the archives :)
>
> Andy
>
>
>
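To see why the two FORWARD rules above drop every connection rather than only the second one, here is an added example (not code from the thread or from netfilter) that replays the thread's rule order in a small Python model of the recent match. It assumes the xt_recent counting described in the comments (existing stamps are counted before the current packet is recorded, and `--update` only refreshes an entry when it matched); the client address and timings are constructed.

```python
from dataclasses import dataclass, field

WINDOW = 600  # the thread's --seconds 600

@dataclass
class RecentTable:
    stamps: dict = field(default_factory=dict)  # src address -> stamp times (s)

    def set_(self, src, now):
        # --set: record this packet for src; always matches.
        self.stamps.setdefault(src, []).append(now)
        return True

    def check(self, src, now, seconds, hitcount, refresh):
        # --rcheck / --update --seconds N --hitcount H: match when src already
        # has >= H stamps inside the window (the current packet is not counted).
        # --update (refresh=True) adds this packet only on a match; --rcheck never.
        if src not in self.stamps:
            return False
        hits = sum(1 for t in self.stamps[src] if now - t <= seconds)
        if hits < hitcount:
            return False
        if refresh:
            self.stamps[src].append(now)
        return True

def run_chain(rules, packets):
    """rules: (kind, hitcount, target) in chain order, kind in set/update/rcheck;
    packets: (src, time) NEW connections.  Unmatched packets fall through to
    ACCEPT (the chain's default policy is assumed). Returns one verdict each."""
    table, verdicts = RecentTable(), []
    for src, now in packets:
        verdict = "ACCEPT"
        for kind, hitcount, target in rules:
            if kind == "set":
                matched = table.set_(src, now)
            else:
                matched = table.check(src, now, WINDOW, hitcount, kind == "update")
            if matched and target:
                verdict = target
                break
        verdicts.append(verdict)
    return verdicts

# Constructed sample: four NEW connections from one client at 0, 5, 601 and 700 s.
SAMPLE = [("10.0.0.5", 0), ("10.0.0.5", 5), ("10.0.0.5", 601), ("10.0.0.5", 700)]
# The thread's order: --set first, then --update --hitcount 1 -j DROP.
THREAD_ORDER = [("set", None, None), ("update", 1, "DROP")]
# Check before set: the first connection passes, later ones in the window drop.
UPDATE_FIRST = [("update", 1, "DROP"), ("set", None, None)]
RCHECK_FIRST = [("rcheck", 1, "DROP"), ("set", None, None)]
```

`run_chain(THREAD_ORDER, SAMPLE)` drops all four (the `--set` rule always seeds one stamp before the hitcount-1 check runs), `run_chain(UPDATE_FIRST, SAMPLE)` allows only the first because every dropped retry refreshes the 600 s window, and `run_chain(RCHECK_FIRST, SAMPLE)` gives ACCEPT, DROP, ACCEPT, DROP.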