Changeset 18954
- Timestamp:
- 04/08/12 13:19:19 (14 months ago)
- File:
-
- 1 edited
-
src/router/services/networking/firewall.c (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
src/router/services/networking/firewall.c
r18808 r18954 2545 2545 } 2546 2546 #ifndef HAVE_MICRO 2547 save2file(":logbrute - [0:0]\n"); 2548 save2file("-A logbrute -m recent --set --name BRUTEFORCE --rsource\n"); 2549 save2file 2550 ("-A logbrute -m recent ! --update --seconds 60 --hitcount 4 --name BRUTEFORCE --rsource -j RETURN\n"); 2551 // -m limit rule is a fallback in case -m recent isn't included in a build 2552 save2file 2553 ("-A logbrute -m limit --limit 1/min --limit-burst 1 -j RETURN\n"); 2554 if ((nvram_match("log_enable", "1")) 2555 && (nvram_match("log_dropped", "1"))) 2547 if (nvram_match("limit_pptp", "1") || nvram_match("limit_ssh", "1") 2548 || nvram_match("limit_telnet", "1")) { 2549 save2file(":logbrute - [0:0]\n"); 2556 2550 save2file 2557 ("-A logbrute -j LOG --log-prefix \"[DROP BRUTEFORCE] : \" --log-tcp-options --log-ip-options\n"); 2558 save2file("-A logbrute -j %s\n", log_drop); 2551 ("-A logbrute -m recent --set --name BRUTEFORCE --rsource\n"); 2552 save2file 2553 ("-A logbrute -m recent ! --update --seconds 60 --hitcount 4 --name BRUTEFORCE --rsource -j RETURN\n"); 2554 // -m limit rule is a fallback in case -m recent isn't included in a build 2555 save2file 2556 ("-A logbrute -m limit --limit 1/min --limit-burst 1 -j RETURN\n"); 2557 if ((nvram_match("log_enable", "1")) 2558 && (nvram_match("log_dropped", "1"))) 2559 save2file 2560 ("-A logbrute -j LOG --log-prefix \"[DROP BRUTEFORCE] : \" --log-tcp-options --log-ip-options\n"); 2561 save2file("-A logbrute -j %s\n", log_drop); 2562 } 2559 2563 #endif 2560 2564 if (nvram_match("chilli_enable", "1")) {
Note: See TracChangeset
for help on using the changeset viewer.
