Firewall Filtering

[Todd Lee]

Thanks!  I inputted it into the firewall script!

But I was wondering where the IP's get logged?  I looked in the
/etc/hosts.deny and the /var/portsentry.blocked.tcp but couldn't find any
record of the IP's that have hit since inserting the line.

Also, I get the errors in /var/log/httpd/error_log but they don't show up in
portsentry/logcheck emails.  Do I have to do further modifications on
logcheck or portsentry?

-Todd

>-----Original Message-----
>From: whenever [mailto:whatever at whoever.net]
>Sent: Wednesday, January 30, 2002 9:03 PM
>To: Linux & Unix Advocates & Users
>Subject: [luau] Re: Firewall Filtering
>
>
>you need to change your portsentry kill route from -A(append)
>to -I(insert),
>so the new rule is before accept anywhere.
>
>KILL_ROUTE="/sbin/iptables -I INPUT -s $TARGET$ -j DROP"
>
>hope that help on the portsentry part.
>