On Jul 14, 2016, at 6:50 PM, Noel Jones wrote:
> Aside from Wietse's joke about speeding up the remote DNS, just
> ignore these. The actual load incurred on your system is
> essentially nil, especially when they're blocked in postscreen.
Thanks. I wasn’t so much worried about load, but about the
Am 16.07.16 21:30 schrieb(en) Sebastian Nielsen:
You could use iptables to look for:
"--BEGIN"
"--END"
"/signed"
"/encrypted"
"/pkcs7"
"/pgp"
Anywhere in the packet. In that case, you drop the connection, send a RST
IMO this is too restrictive as it would produce false positives, e.g. for you
