Re: iptables rule to block when DNAT is used

2003-04-08 Thread Phillip Hofmeister
On Tue, 08 Apr 2003 at 03:17:18PM -0700, Kevin Buhr wrote: > > Also note that the mangle PREROUTING chain is run on all incoming > packets before any other chain, so: > > iptables -t mangle -I PREROUTING -s badbox.evil -j DROP > > should drop all packets from "badbox.evil" before any oth

Re: Apache: How to prevent from accessing webdav through http?

2003-04-08 Thread Phillip Hofmeister
Greets, On Tue, 08 Apr 2003 at 09:14:37AM +0200, [EMAIL PROTECTED] wrote: > NOTE: publish url is: https://localhost/webdav ... it goes to the www root > > Is there some more fashionable solution, when I don't have to create > symlink on the www root? Make an alias using the Apache Alias directi

Re: iptables rule to block when DNAT is used

2003-04-08 Thread Kevin Buhr
Hanasaki JiJi <[EMAIL PROTECTED]> writes: > > Firewall has rules to DNAT incoming traffic to a port on a DMZ box. > > how can an iptable rule be written to block some ip addresses before > they get to the rules > iptables -t mangle -A FORWARD > AND > iptables -t nat -A PR

Re: zeus sshd[1600]: refused connect from

2003-04-08 Thread Hanasaki JiJi
probably just have "paranoid" in your /etc/hosts.deny and its not allowing hosts that dont have a reverse DNS USE SUBJECTS IN YOUR EMAIL Ricardo Sousa wrote: hi. I'm getting some alerts in my log files, and i getting worry. The logs are some like this: ... Apr 8 01:08:37 zeus sshd[9972]: warn

Re: Re: ssh X forwarding problem - iptables interaction??

2003-04-08 Thread First Last
From: Jeremy Drake <[EMAIL PROTECTED]> To: First Last <[EMAIL PROTECTED]> CC: [EMAIL PROTECTED], "" Subject: Re: Re: ssh X forwarding problem - iptables interaction?? Date: Mon, 7 Apr 2003 20:43:07 -0700 (PDT) On Tue, 8 Apr 2003, First Last wrote: > > But maybe that rule doesn't apply to ursa

Re:

2003-04-08 Thread I . R . van Dongen
Seems like a normal portscan, like the one shields up does. On 08 Apr 2003 11:52:50 +0100 Ricardo Sousa <[EMAIL PROTECTED]> wrote: > hi. I'm getting some alerts in my log files, and i getting worry. > The logs are some like this: > > In /var/log/syslog,i'm getting this: > > Apr 8 01:01:37

[no subject]

2003-04-08 Thread Ricardo Sousa
hi. I'm getting some alerts in my log files, and i getting worry. The logs are some like this: In /var/log/syslog,i'm getting this: Apr 8 01:01:37 zeus kernel: DENIED PORT:IN=eth1 OUT= MAC=xyz SRC=y.y.y.y DST=x.x.x.x. LEN=48 TOS=0x00 PREC=0x00 TTL=122 ID=5462 DF PROTO=TCP SPT=2276 DPT=6001 WINDO

Re: iptables rule to block when DNAT is used

2003-04-08 Thread Victor Calzado Mayo
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi On Tuesday 08 April 2003 03:04, Hanasaki JiJi wrote: > Firewall has rules to DNAT incoming traffic to a port on a DMZ box. > > how can an iptable rule be written to block some ip addresses before > they get to the rules > iptables -t mangle -A

Apache: How to prevent from accessing webdav through http?

2003-04-08 Thread stavel
Hello, I tried to configure webdav for just for htts: (For the presence it does not include more constraints :-) [/var/www]$: ln -s . webdav RewriteEngine on RewriteCond %{HTTPS} !=on RewriteRule .* - [F] DAV On NOTE: publish url is: https://localhost/webdav