Avoid log flood
This commit is contained in:
parent
1c466fdf89
commit
66c6cc3853
|
@ -1,3 +1,10 @@
|
|||
eofirewall (0.1-20110621.3) unstable; urgency=low
|
||||
|
||||
* Add an example for the ssh whitelist
|
||||
* Fix WAN outgoing traffic from lan
|
||||
|
||||
-- Jérôme Schneider <jschneider@entrouvert.com> Tue, 21 Jun 2011 19:35:17 +0200
|
||||
|
||||
eofirewall (0.1-20110621.2) unstable; urgency=low
|
||||
|
||||
* Add a whitelist for ssh
|
||||
|
|
4
firewall
4
firewall
|
@ -277,7 +277,9 @@ start()
|
|||
## LOG
|
||||
## Create a LOGDROP chain to log and drop packets
|
||||
$IPTABLES -N LOGDROP
|
||||
$IPTABLES -A LOGDROP -j LOG --log-prefix "iptables: " --log-level 4
|
||||
$IPTABLES -A LOGDROP -p tcp -m limit --limit 1/min -j LOG --log-prefix "iptables: denied tcp: " --log-level 4
|
||||
$IPTABLES -A LOGDROP -p udp -m limit --limit 1/min -j LOG --log-prefix "iptables: denied udp: " --log-level 4
|
||||
$IPTABLES -A LOGDROP -p icmp -m limit --limit 1/min -j LOG --log-prefix "iptables: denied icmp: " --log-level 4
|
||||
$IPTABLES -A LOGDROP -j DROP
|
||||
|
||||
$IPTABLES -A INPUT -j LOGDROP
|
||||
|
|
Reference in New Issue