Linux-Bulgaria.ORG
навигация

 

начало

пощенски списък

архив на групата

семинари ...

документи

как да ...

 

 

Предишно писмо Следващо писмо Предишно по тема Следващо по тема По Дата По тема (thread)

Re: lug-bg: iptables

  • Subject: Re: lug-bg: iptables
  • From: emilio@xxxxxxxxxxx (Emil Slavov)
  • Date: Thu, 8 Aug 2002 13:36:24 +0300


        Az imah podoben problem s iptables. Toi se sastoi v tova che
neznaino otkade se poluchava simvola ` predi niakoia ot dumite v
praviloto i to samo ako go chete s iptables-restore. Zabelegi che v
saobshtenieto za greshka figurira `!root a ne !root. Opravih go kato
vkarah pravilata na raka i posle iptables-save ot sashtata mashina na
koiato se pravi i iptables-restore. T.e. davashe tazi greshka samo ako
faila e napraven s iptables-save ot edna mashina a se restorva na druga.

> This is a multi-part message in MIME format.
> 
> 
> Zdraveyte list,
> 
> 
> 
> imam maluk problem s iptables, pisah do iptables@xxxxxxxxxxxxxxxxxxx
no oshte ne sa mi otgovorili
> zatova reshih da pisha na lug, znachi problema mi e slednia .. pravq
si rule izpolzvaiki owner i limit
> modula - praviloto izglejda eto taka 
> 
> -A OUTPUT  -m owner ! --uid-owner 0 -m limit ! --limit 1000/second -j DROP
> 
> 
> sled koeto si save-am rule-to "/etc/init.d/iptables save active" -
spiram go
> i pak se opitvam da go pusna , efecta ot puskaneto beshe
> 
> Loading iptables ruleset: load "active"iptables-restore v1.2.6a: Bad
OWNER UID value `!root'
> 
> sled koeto reshih da smenq v /var/lib/iptables/active  !root s !0 -
efetcata beshe sushtia. 
> 
> vtoria problem koito imam e che v statistikata nevijdam tozi invers
koito pravq s ! -- limit 1000/second 
> 
> stat:
> DROP       all  --  anywhere             anywhere           OWNER UID
match 340 limit: avg 1000/sec burst 5
> 
> a izglejda che drop-va packatite koito sa pod 1000 koeto znachi che
"!" nesrabotwa ,   zatova si napravih test i sas 
> samostoqtelen user no i pri nego se drop-vaha packeti .. seshtam se za
nachin po-koito moga da go opravq no 
> ideqta e da go napisa na edin red tozi rule ako nqkoi e imal podoben
problem shte se radvam ako spodeli kak go e opravil
> 
> 
> thanks in advance 
> 
> 
> 
> br,Nikolay Abromov
> 
> .
> 
> 
> 
> 
> 
> 
> 
> 
> 

--------- 
Best Regards:

Emil Slavov
Network Engineer at GlobalCom Ltd.
Web: http://emilio.globcom.net
E-mail: emilio@xxxxxxxxxxx

============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================

 
наши приятели

 

линукс за българи
http://linux-bg.org

FSA-BG
http://fsa-bg.org

OpenFest
http://openfest.org

FreeBSD BG
http://bg-freebsd.org

KDE-BG
http://kde.fsa-bg.org/

Gnome-BG
http://gnome.cult.bg/

проект OpenFMI
http://openfmi.net

NetField Forum
http://netField.ludost.net/forum/

 

 

Linux-Bulgaria.ORG

Mailing list messages are © Copyright their authors.