-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/21/2015 12:07 PM, Carlos E. R. wrote:
On 2015-08-21 20:13, John Andersen wrote:
I've seen these too, and got tired of them filling my logs, even though I rate-limit via Shorewall, and failtoban. (Ever growing ban lists slow things down).
You can do it with iptables. There is a setting in the SuSEfirewall2 file for it. It runs in RAM.
Carlose: I'm sure you realize the both susefirewall and shorewall do nothing but manage iptables rules and install them as the interface is booted. Never the less, a huge ban list slows EVERY packet, as each must be checked against the ban list. Banning entire subnets is more efficient. - -- After all is said and done, more is said than done. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlXXeBMACgkQv7M3G5+2DLJdGwCfcs7I44B2g3G4kzXYZ1CtMiV8 bsIAn08/ddSuIxK4cydUm9XvFdAXEMSa =GG81 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org