On 2012-08-02 11:46, Jan Engelhardt wrote:
On Wednesday 2012-08-01 23:34, julien wrote:
I figured it would of interest to this list. I am also curious to get
feedback from the community, as I will be holding a Netfilter workshop
at Fosscon Philadelphia on August 11th. So if you have any comment,
please reply here, or to me directly.
http://jve.linuxwall.info/blog/index.php?post/2012/08/01/Netfilter-and-Iptables-talk-at-AWeber
For geoip blocking, there is also -m geoip from Xtables-addons.
I was more interested in ipset than I was in geoip. The latest is on my todo
list though.
AFW is not using -m conntrack though you used it earlier.
I need to make that change, and open source AFW. That's in the pipe.
And a big grin for the christmas example.
There shall be no talk without cat. That's an AWeber motto :)
But I'm really considering that type of rule for some systems. Keep a ssh
relay accessible at all time, but block direct SSH on servers themselves at
night.
- Julien
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
