[syslog-ng] Firewalling with syslog-ng, a working prototype

Alexander Clouter alex at digriz.org.uk
Mon Feb 21 12:50:43 CET 2011


Valentijn Sessink <valentyn at blub.net> wrote:
>
> [snipped 'the good stuff']
> 
> 4) Repeat step 3, but with "iptables" instead of "ip6tables". (I used 
> ip6tables on purpose, because it's time you get ready for IPv6 if you 
> aren't).
> 
Be careful as you are possibly opening yourself up to a DoS; for the v6 
case.  Most attackers will be able to move through their local /64 which 
might cause problems when using recent directly, might be worth 
combining it with hashlimit too.

Otherwise, 'neato'.

Cheers

-- 
Alexander Clouter
.sigmonster says: share, n.:
                  	To give in, endure humiliation.



More information about the syslog-ng mailing list