A lot of IPs that the (l)users come in on are dynamic, so I don't necessarily want to block a user from the web page, say (unless they're from APNIC)... So, this dude's gonna log off at some point & someone else will get a lease with that IP. By rerunning my firewall every night (which flushes the rules as the 1st thing it does), I clear it all out & it can start over.

To be fair, I think this has all been recently superseded by events, as I have moved the linux box back from being the router, and have installed a LinkSys router between my internal network & the internet. The linux box now only serves, and does not ipMasq. The LinkSys box handles that for me, handles ipMasq, and only forwards in the ports I chose (sendmail, ssh, http), so I'm not sure any of that stuff is worthwhile to me, anymore.

-Tom

-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Chris W. Parker
Sent: Wednesday, April 06, 2005 3:08 PM
To: General Red Hat Linux discussion list
Subject: RE: SSH2

Burke, Thomas G. <mailto:tg.burke@xxxxxxx>
on Wednesday, April 06, 2005 5:06 AM said:

> There's a tool called portsentry that works pretty well on some of
> these things. You can set up its sensitivity to certain events & it
> will drop (l)users into hosts.deny and also much your ipchains to
> drop anything from that source into your bit bucket, so it appears
> that you just fell off the earth.

That sounds nice.

> Of course, the routes get reset on
> power cycles & so forth (or in my case, I rerun my firewall script
> every midnight to flush out all the rules & reload)

What's the purpose of clearing the list of denied clients? Or did I misunderstand you?

Chris.
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list