On 2017-04-12 18:34, Per Jessen wrote:
suse@a-domani.nl wrote:
Dear all,
I have a question about
security:/netfilter/openSUSE_Leap_42.2/noarch/xtables-geoip-2016.09-71.2.noarch.rpm
In my firewall I examine all unexpected traffic, there for I end added lines for all existing countries, like: iptables -A CC -m geoip --src-cc AD -j LOG --log-prefix " CC=Andorra " iptables -A CC -m geoip --src-cc AD -j DROP
I have likewise 250 lines, but still I've got some uncaught lines. Does that mean there are "other countries", or that there are subnets not defined within the package xtables-geoip-2016.09-71.2.noarch.rpm
In twelve hours, I got 232 different IPv4 adresses, that xtables-geoip does not recognize.
Yes, that is due to incorrect or missing whois information for the subnets involved. Or that wherever xtables gets the information is flawed or outdated.
Hi Per, As no-one else responded, it seems that this knowledge is not wide spread (one way of looking at it :-) But is this something that (end-)users could/should take care of? Or, as it resides under "security", is this restricted to a few people upstream? Kind regards, Hans -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org