[syslog-ng] Firewalling with syslog-ng, a working prototype

[Gergely Nagy]

> Op 20-02-11 23:16, Gergely Nagy schreef:
> > I'll be implementing this on my own servers too. Been toying with the
> > idea ever since you posted about it first, but now with the step-by-step
> > howto, there're no more obstacles.
> 
> Cool. Please let me know your findings.

It's running on 4 now, so far, working like a charm, blocking what
should be blocked, and so on.

There's another server I want to switch to this solution from sshguard,
but the kernel there is ancient (it's a Xen guest, and I can't upgrade
for reasons beyond my control), and it doesn't have /proc/net/xt_recent,
only /proc/net/ipt_recent.

I haven't tried whether that works the same or not, as I'd have to go
through a lot of pain to gain access to the box if anything goes wrong.
Nevertheless, this particular system will be switched over aswell,
sooner or later.

-- 
|8]