Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 2350 → Rev 2353

/CHANGELOG
15,6 → 15,7
BUGS
- Fix ACC user/group editor where attributes were not changed.
- Fix PHP errors in ACC user/groupe attributes editor.
- Fix traceability log due to an omission during the migration from ulog to nflog (Fail2Ban, alcasar-iptables-local-mac-filtered & alcasar-ip-blocked).
 
-------------------- 3.1.3 --------------------
NEWS
/conf/etc/alcasar-iptables-local.sh
18,7 → 18,7
then
mac_filtered=`echo $mac_line|cut -d" " -f1`
echo "MAC filtered = $mac_filtered"
$IPTABLES -A FORWARD -i $INTIF -m mac --mac-source $mac_filtered -j ULOG --ulog-prefix "$mac_filtered -- Filt_DROP"
$IPTABLES -A FORWARD -i $INTIF -m mac --mac-source $mac_filtered -j NFLOG --nflog-prefix "$mac_filtered -- Filt_DROP"
$IPTABLES -A FORWARD -i $INTIF -p tcp -m mac --mac-source $mac_filtered -j DROP
$IPTABLES -A FORWARD -i $INTIF -p udp -m mac --mac-source $mac_filtered -j DROP
$IPTABLES -A FORWARD -i $INTIF -m mac --mac-source $mac_filtered -j DROP
/conf/fail2ban.sh
318,7 → 318,7
# <time> unix timestamp of the ban time
# Values: CMD
 
actionban = iptables -I fail2ban-<name> 1 -s <ip> -j ULOG --ulog-prefix "Fail2Ban -- DROP"
actionban = iptables -I fail2ban-<name> 1 -s <ip> -j NFLOG --nflog-prefix "Fail2Ban -- DROP"
iptables -I fail2ban-<name> 1 -s <ip> -j DROP
 
# Option: actionunban
330,7 → 330,7
# Values: CMD
#
actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
iptables -D fail2ban-<name> -s <ip> -j ULOG --ulog-prefix "Fail2Ban -- DROP"
iptables -D fail2ban-<name> -s <ip> -j NFLOG --nflog-prefix "Fail2Ban -- DROP"
 
[Init]
 
/scripts/alcasar-iptables-bypass.sh
62,7 → 62,7
if [ $ip_on != "#" ]
then
ip_blocked=`echo $ip_line|cut -d" " -f1`
$IPTABLES -A FORWARD -d $ip_blocked -j ULOG --ulog-prefix "RULE IP-blocked -- REJECT "
$IPTABLES -A FORWARD -d $ip_blocked -j NFLOG --nflog-prefix "RULE IP-blocked -- REJECT "
$IPTABLES -A FORWARD -d $ip_blocked -j REJECT
fi
done < /usr/local/etc/alcasar-ip-blocked