On Sunday 2012-01-22 21:38, Marcin Mirosław wrote: > W dniu 2012-01-20 22:00, Jan Engelhardt pisze: >> TARPIT does not have much of a use for random ports without any services >> because it is specific to clients sending data. You should use DELUDE at >> the end of the chain, also because it does not keep any connections >> around like tarpit. > > Hello Jan. > Meseems TARPIT is what i need, i'd like to slow down (a little) bots looking > for mssql and other MS specific soft. Then you should use -t raw -A PREROUTING -p tcp --dport ms-sql-s -j CT --notrack if your service is not exposed to the internet. > How can i track down what is the reason of such situation? Also compare output of `ss -at`. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
