/CHANGELOG |
---|
15,6 → 15,7 |
BUGS |
- Fix ACC user/group editor where attributes were not changed. |
- Fix PHP errors in ACC user/groupe attributes editor. |
- Fix traceability log due to an omission during the migration from ulog to nflog (Fail2Ban, alcasar-iptables-local-mac-filtered & alcasar-ip-blocked). |
-------------------- 3.1.3 -------------------- |
NEWS |
/conf/etc/alcasar-iptables-local.sh |
---|
18,7 → 18,7 |
then |
mac_filtered=`echo $mac_line|cut -d" " -f1` |
echo "MAC filtered = $mac_filtered" |
$IPTABLES -A FORWARD -i $INTIF -m mac --mac-source $mac_filtered -j ULOG --ulog-prefix "$mac_filtered -- Filt_DROP" |
$IPTABLES -A FORWARD -i $INTIF -m mac --mac-source $mac_filtered -j NFLOG --nflog-prefix "$mac_filtered -- Filt_DROP" |
$IPTABLES -A FORWARD -i $INTIF -p tcp -m mac --mac-source $mac_filtered -j DROP |
$IPTABLES -A FORWARD -i $INTIF -p udp -m mac --mac-source $mac_filtered -j DROP |
$IPTABLES -A FORWARD -i $INTIF -m mac --mac-source $mac_filtered -j DROP |
/conf/fail2ban.sh |
---|
318,7 → 318,7 |
# <time> unix timestamp of the ban time |
# Values: CMD |
actionban = iptables -I fail2ban-<name> 1 -s <ip> -j ULOG --ulog-prefix "Fail2Ban -- DROP" |
actionban = iptables -I fail2ban-<name> 1 -s <ip> -j NFLOG --nflog-prefix "Fail2Ban -- DROP" |
iptables -I fail2ban-<name> 1 -s <ip> -j DROP |
# Option: actionunban |
330,7 → 330,7 |
# Values: CMD |
# |
actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP |
iptables -D fail2ban-<name> -s <ip> -j ULOG --ulog-prefix "Fail2Ban -- DROP" |
iptables -D fail2ban-<name> -s <ip> -j NFLOG --nflog-prefix "Fail2Ban -- DROP" |
[Init] |
/scripts/alcasar-iptables-bypass.sh |
---|
62,7 → 62,7 |
if [ $ip_on != "#" ] |
then |
ip_blocked=`echo $ip_line|cut -d" " -f1` |
$IPTABLES -A FORWARD -d $ip_blocked -j ULOG --ulog-prefix "RULE IP-blocked -- REJECT " |
$IPTABLES -A FORWARD -d $ip_blocked -j NFLOG --nflog-prefix "RULE IP-blocked -- REJECT " |
$IPTABLES -A FORWARD -d $ip_blocked -j REJECT |
fi |
done < /usr/local/etc/alcasar-ip-blocked |