LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 07-10-2001, 10:05 AM   #1
MrGreg
Member
 
Registered: Apr 2001
Location: Hamilton
Distribution: RedHat 7.2, 9.0
Posts: 52

Rep: Reputation: 15
[ipchains]


Greeting group,

Thanks for all the help these past few months. I am using ipchains to filter packets. This works nicely. I would now like to have rules to filter pesky banners and popups without using a proxy like junkbusters etc.
I am currently writing rules that DENY the source IP addresses but what is happening is the servers continue to push the packets. This makes for continued logging and lengthy /var/log/messages. I was able to do this quite affectively in my windows box with ZoneAlarmPro. Is there anyway to BLOCK specific IP's and eliminate the excessive logging of DENY'd packets without removing the -l?
Could someone give me a rule for this example:

-A input -s 192.168.206.10/192.168.206.29 -d 0.0.0.0/0.0.0.0 -j DENY -l

Any help would be greatly appreciated.
 
Old 07-11-2001, 05:23 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590
No, u cant.
It would be a failure for Ipchains to parse a rule, find a match, and then *not* log it when -l is specified...
Btw whats ure argument against junkbuster?
Its way more efficient & flexible, ipchains is a *crude* solution.
 
Old 07-13-2001, 02:03 PM   #3
MrGreg
Member
 
Registered: Apr 2001
Location: Hamilton
Distribution: RedHat 7.2, 9.0
Posts: 52

Original Poster
Rep: Reputation: 15
Junkbuster config

Thanks for the reply. I assumed you have a high opinion of junkbuster, so I installed it. It appears to be working OK.

Is there anyway to improve its performance?
 
Old 07-14-2001, 06:21 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590
What is the problem? Can you elaborate a bit on it? I never had any troubles with junkbusters performance...
 
Old 07-14-2001, 11:35 PM   #5
MrGreg
Member
 
Registered: Apr 2001
Location: Hamilton
Distribution: RedHat 7.2, 9.0
Posts: 52

Original Poster
Rep: Reputation: 15
Its Like This...

Using 'junkbuster', pages are slow to load. Half to quarter speed or from average 4KB's/sec down to 1-2KB's/sec. I assume this to be a normal sacrifice since 'junkbuster' examines every image on a web page. Unfortunately, I only have a 56K 'linmodem' and a dial-up. Maybe when we move in August I can look into a higher speed connection.
What are your stats?

I also have ipchains and 'portsentry' running. I'm not sure that I need 'portsentry' any longer since building the chains, but I have it in -atcp/-audp mode. I thought it to be a good secondary defense.

I do like the way 'junkbuster' crunches cookies, it took a little configuring to allow sites like 'linukquestions', to use cookies for ID/etc. I also had to change the file names on some of my own *.gifs since 'junkbuster' generically filters anything named *banner*.

I just wondered if anything could be done to improve the speed a little. Besides more up2date hardware. I'm not ready for that just yet.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Ipchains brokenflea Linux - Networking 1 02-03-2004 05:44 AM
ipchains i.d. Linux - Security 5 08-21-2002 02:12 PM
IpChains R4z0r Linux - Networking 3 03-01-2002 10:28 AM
ipchains help ... please> paulw Linux - Security 3 11-16-2001 10:15 AM
IpChains again ETT Linux - Security 3 07-24-2001 07:49 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 03:30 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration