Re: apache being bombardedFrom: Rodrigo Barbosa (email@example.com)
- Previous message: Eric Zatko: "System Hardening Software"
- Maybe in reply to: firstname.lastname@example.org: "apache being bombarded"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 13 Mar 2002 14:15:25 -0300 From: Rodrigo Barbosa <email@example.com> To: Mauricio Pretto <firstname.lastname@example.org>
Okey, I got your point. Just to clarify it, in case some other reader didn't
iptables -A -> will add to the end of the chain
iptables -I (without rulenum) -> will add as the first entry on the chain
I just looked at the summary of the manpage, where it states:
iptables -[RI] chain rulenum rule-specification [options]
iptables -[RI] chain [rulenum] rule-specification [options]
Maybe an update of the manpage is in order ?
On Wed, Mar 13, 2002 at 02:12:48PM -0300, Mauricio Pretto wrote:
> Its optional the rulenum
> Rodrigo Barbosa wrote:
> >On Mon, Mar 11, 2002 at 10:09:31AM +0100, Christian Gothe wrote:
> >>Geert Hauwaerts writes:
> >>>Add them in your firewall
> >>>iptables -A INPUT -i eth0 -s THERE_IP -j DROP
> >>iptables -I INPUT -i eth0 -s THERE_IP -j DROP is the better choice in
> >>most iptables firewalls.
> >Hummm, as far as I remember, -I requires a rulenum paramter.
> >Maybe you mean:
> >iptables -I INPUT 1 -i eth0 -s THERE_IP -j DROP
-- Rodrigo Barbosa - rodrigob at tisbrasil.com.br TIS - Belo Horizonte, MG, Brazil "Quis custodiet ipsos custodes?" - http://www.tisbrasil.com.br/ Brainbench Certified -> Transcript ID #3332104