Package: shorewall
Version: 3.0.7-1
Severity: normal

The file /etc/shorewall/Limit is needed for the limit module of shorewall
to work. It is missing from the Debian package.

Information about the limit module is available here:
http://www.shorewall.net/PortKnocking.html#id2460417

The file should contain something like

### cut 8< ##############
# $TAG is "name,count,seconds"; split it into $1, $2 and $3
set -- $(separate_list $TAG)

# Record this connection attempt in the recent list named $1
run_iptables -A $CHAIN -m recent --name $1 --set

if [ -n "$LEVEL" ]; then
    # Log, then reject, sources with more than $2 attempts in $3 seconds
    run_iptables -N $CHAIN%
    log_rule_limit $LEVEL $CHAIN% $1 REJECT "" "" -A
    run_iptables -A $CHAIN% -j reject
    run_iptables -A $CHAIN -m recent --name $1 --update --seconds $3 --hitcount $(( $2 + 1 )) -j $CHAIN%
else
    # No log level given: reject without logging
    run_iptables -A $CHAIN -m recent --update --name $1 --seconds $3 --hitcount $(( $2 + 1 )) -j reject
fi

# Everything under the limit is accepted
run_iptables -A $CHAIN -j ACCEPT
### >8 cut ##############

I tested my system with the following rules in /etc/shorewall/rules:

Limit:info:SSHA,3,60    net    fw    tcp    ssh
ACCEPT                  net    fw    tcp    ssh

and I could connect as many times as I wanted from a remote host.

I added /etc/shorewall/Limit with the above content and restarted
shorewall. Now the connection is blocked when there are more than 3
attempts in one minute which is the expected behaviour of the limit
module.

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.11-1-686-smp
Locale: LANG=fr_CA, LC_CTYPE=fr_CA (charmap=ISO-8859-1)

Versions of packages shorewall depends on:
ii  debconf [debconf-2.0]  1.4.30.13   Debian configuration management sy
ii  iproute                20041019-3  Professional tools to control the
ii  iptables               1.2.11-10   Linux kernel 2.4+ iptables adminis

-- debconf information:
  shorewall/upgrade_20_22:
  shorewall/upgrade_14_20:
  shorewall/upgrade_to_14:
  shorewall/warnrfc1918:
  shorewall/warn_about_klogd_floods:
* shorewall/dont_restart:
* shorewall/major_release: false
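
An added example, not part of the original report or of Shorewall: a simplified shell model of the two "recent" rules in the Limit action above, showing which attempts Limit:info:SSHA,3,60 accepts. The function name limit_verdicts and the connection times are constructed, and the model assumes --set records every attempt and a matching --update records the attempt again.

```sh
#!/bin/sh
# Simplified model (an assumption, not kernel or Shorewall code) of:
#   -m recent --name N --set
#   -m recent --name N --update --seconds S --hitcount COUNT+1 -j reject
# for connection attempts that all come from one source address.

# limit_verdicts COUNT SECONDS T1 T2 ...
# T1.. are constructed attempt times in seconds, in ascending order.
# Prints one verdict per attempt, separated by spaces.
limit_verdicts() {
    count=$1
    seconds=$2
    shift 2
    hitcount=$(( count + 1 ))      # same arithmetic as $(( $2 + 1 )) in Limit
    stamps=""                      # timestamps held in the recent list
    out=""
    for now in "$@"; do
        stamps="$stamps $now"      # --set: every attempt is recorded
        hits=0
        for s in $stamps; do
            # count recorded attempts that fall inside the last S seconds
            if [ "$s" -ge $(( now - seconds )) ]; then
                hits=$(( hits + 1 ))
            fi
        done
        if [ "$hits" -ge "$hitcount" ]; then
            stamps="$stamps $now"  # --update matched: attempt recorded again
            out="$out REJECT"
        else
            out="$out ACCEPT"
        fi
    done
    echo "${out# }"
}

# Limit:info:SSHA,3,60 -> COUNT=3, SECONDS=60
limit_verdicts 3 60 0 5 10 15 20       # burst: 4th and 5th attempts rejected
limit_verdicts 3 60 0 5 10 15 50 70    # rejected attempts still fill the window
limit_verdicts 3 60 0 20 40 65 85      # 3 per minute sustained: all accepted
```

In this model a rejected attempt still counts toward the limit, so a client that keeps retrying stays blocked until it has been quiet long enough for the window to empty.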