regra
galera resolvi algums problemas do firewall que mandei
so que na parte de flags ta dando erro ..
tem alguma coisa errada com essa regra
## NMAP FIN/URG/PSH
$IPTABLES -A CHECK_FLAGS -p tcp --tcp-flags ALL FIN,URG,PSH -m limit
--limit 5/minute -j LOG --log-level $LOG_LEVEL #--log-prefix "NMAP-XMAS:"
$IPTABLES -A CHECK_FLAGS -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP
# SYN/RST
$IPTABLES -A CHECK_FLAGS -p tcp --tcp-flags SYN,RST SYN,RST -m limit
--limit 5/minute -j LOG --log-level $LOG_LEVEL #--log-prefix "SYN/RST:"
$IPTABLES -A CHECK_FLAGS -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
# SYN/FIN -- Scan(probably)
$IPTABLES -A CHECK_FLAGS -p tcp --tcp-flags SYN,FIN SYN,FIN -m limit
--limit 5/minute -j LOG --log-level $LOG_LEVEL #--log-prefix "SYN/FIN:"
$IPTABLES -A CHECK_FLAGS -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
Reply to:
- Follow-Ups:
- Re: regra
- From: "Guilherme de Freitas Figueiredo - [Gui]" <gui@maniacs.com.br>