Search found 37 matches

Goto page 1, 2, 3  Next
Author Message
  Topic: Security =>incoming Log (Log_incoming.asp) what caused th
inetquestion

Replies: 11
Views: 218

PostForum: Advanced Networking   Posted: Thu Feb 02, 2023 23:59   Subject: Security =>incoming Log (Log_incoming.asp) what caused th
Tried log level on low & high, there is nothing there about dropped connections.

However, not concerned with figuring out why messages aren't logged in /var/log/messages as I've already parse ...
  Topic: Security =>incoming Log (Log_incoming.asp) what caused th
inetquestion

Replies: 11
Views: 218

PostForum: Advanced Networking   Posted: Thu Feb 02, 2023 21:20   Subject: Security =>incoming Log (Log_incoming.asp) what caused th
Doing this: grep -i drop /var/log/messages

results in lots of info about "authpriv.info dropbear".
There is nothing there about dropped connections.

Is there a reason to look here, ...
  Topic: Security =>incoming Log (Log_incoming.asp) what caused th
inetquestion

Replies: 11
Views: 218

PostForum: Advanced Networking   Posted: Thu Feb 02, 2023 20:58   Subject: Security =>incoming Log (Log_incoming.asp) what caused th
The contents change constantly... here is a snapshot.

Questions:
- what causes these to appear
- Is there any reason I shouldn't parse this list and block them permanently?
  Topic: Security =>incoming Log (Log_incoming.asp) what caused th
inetquestion

Replies: 11
Views: 218

PostForum: Advanced Networking   Posted: Thu Feb 02, 2023 19:30   Subject: Security =>incoming Log (Log_incoming.asp) what caused th
Looking at list of dropped connections in Log_incoming.asp

Are these entries due to port scanning?
Is there any reason you shouldn't block entries found in this list permanently?
  Topic: How to best lockdown router with iptables
inetquestion

Replies: 1
Views: 95

PostForum: Advanced Networking   Posted: Mon Jan 30, 2023 20:49   Subject: How to best lockdown router with iptables
Is there a list of FW rules which can be added to iptables to bolster security. Would like to lock it down much more than the check boxes provided within the gui.

Running version r51506 on linksys ...
  Topic: [SOLVED]Firewall script present, but doesn't do anything
inetquestion

Replies: 9
Views: 220

PostForum: Advanced Networking   Posted: Mon Jan 30, 2023 1:42   Subject: [SOLVED]Firewall script present, but doesn't do anything
Out of curiosity, why is using ipset so much faster than adding rules through iptables? It's orders of magnitude faster. For ~10,000 addresses it took around 200-300 seconds to add them. Now it can ...
  Topic: [SOLVED]Firewall script present, but doesn't do anything
inetquestion

Replies: 9
Views: 220

PostForum: Advanced Networking   Posted: Sun Jan 29, 2023 3:30   Subject: [SOLVED]Firewall script present, but doesn't do anything
Adding ipset command in the firewall script first fixed it. Didn't realize iptables did a verification to ensure that existed, but it makes sense now. :)

Thanks for the assistance!
  Topic: [SOLVED]Firewall script present, but doesn't do anything
inetquestion

Replies: 9
Views: 220

PostForum: Advanced Networking   Posted: Sun Jan 29, 2023 3:24   Subject: [SOLVED]Firewall script present, but doesn't do anything
The ipset list is created by an external process which updates every minute with new entries. Think I see what you mean...

A test showed I'm unable to issue the iptables command if the ipset part ...
  Topic: [SOLVED]Firewall script present, but doesn't do anything
inetquestion

Replies: 9
Views: 220

PostForum: Advanced Networking   Posted: Sat Jan 28, 2023 19:51   Subject: firewall script not applied after reboot.
Currnetly running version: v3.0-r51306
Linksys WRT3200ACM

Many IPs were added to an ipset list named BLOCKED. This part is working. The part I'm confused about is why doesn't the rule below wh ...
  Topic: [SOLVED]Firewall script present, but doesn't do anything
inetquestion

Replies: 9
Views: 220

PostForum: Advanced Networking   Posted: Sat Jan 28, 2023 15:40   Subject: [SOLVED]Firewall script present, but doesn't do anything
Saved an entry in Administration>Commands>Firewall

[code]
iptables -I FORWARD -m set --match-set BLOCKED src -j logdrop
[/code]


Verified the entry above was saved to /tmp/.rc_firewal ...
  Topic: iptables - programmatically examine dropped IPs?
inetquestion

Replies: 1
Views: 200

PostForum: Advanced Networking   Posted: Fri Oct 21, 2022 21:26   Subject: iptables - programmatically examine dropped IPs?
Existing process creates a logdrop entry for offending IPs in iptables. Would like to see how often blocked IPs gets dropped afterward.

Looked in /var/log/messages and see nothing related to dr ...
  Topic: Enable/Disable Iptables rule via cron...
inetquestion

Replies: 8
Views: 1141

PostForum: Advanced Networking   Posted: Fri Jan 28, 2022 18:41   Subject: iptables additions not taking affect when updated via cron
Curious if you figured this out. Doing something similar...

If my script is run manually, it makes iptables additions as expected. The script when run via cron is running and is executing the com ...
  Topic: Host/network blocking based on IDS scan
inetquestion

Replies: 0
Views: 1483

PostForum: Advanced Networking   Posted: Wed Jan 12, 2022 13:07   Subject: Host/network blocking based on IDS scan
Came across an old program (scalp) which scans access logs looking for regex of known security exploits... Thought it would be interesting to integrate this with dd-wrt/iptables to block source of at ...
  Topic: need help Setting QoS via command line (telnet or ssh)
inetquestion

Replies: 12
Views: 8871

PostForum: Advanced Networking   Posted: Sat Oct 30, 2021 19:03   Subject: what was resolution?


Curious, did you resolved the issue/question with QOS? I'm getting something similar with SSH accepting authentication and then hanging. Many of the threads on that topics are pointing to QOS re ...
  Topic: TFTP upload script with menu - waits until host available
inetquestion

Replies: 3
Views: 13012

PostForum: Contributions Upload   Posted: Mon Oct 11, 2021 13:28   Subject: TFTP upload script with menu - waits until host available
Wondered why the HOST was in the *config* section... smh
Goto page 1, 2, 3  Next
All times are GMT
Navigation
Jump to: