[syslog-ng] Firewalling with syslog-ng, a working prototype
Gergely Nagy
algernon at balabit.hu
Mon Feb 21 18:20:37 CET 2011
> Op 20-02-11 23:16, Gergely Nagy schreef:
> > I'll be implementing this on my own servers too. Been toying with the
> > idea ever since you posted about it first, but now with the step-by-step
> > howto, there're no more obstacles.
>
> Cool. Please let me know your findings.
It's running on 4 now, so far, working like a charm, blocking what
should be blocked, and so on.
There's another server I want to switch to this solution from sshguard,
but the kernel there is ancient (it's a Xen guest, and I can't upgrade
for reasons beyond my control), and it doesn't have /proc/net/xt_recent,
only /proc/net/ipt_recent.
I haven't tried whether that works the same or not, as I'd have to go
through a lot of pain to gain access to the box if anything goes wrong.
Nevertheless, this particular system will be switched over aswell,
sooner or later.
--
|8]
More information about the syslog-ng
mailing list