/conf/etc/alcasar-iptables-local.sh |
---|
18,7 → 18,7 |
then |
mac_filtered=`echo $mac_line|cut -d" " -f1` |
echo "MAC filtered = $mac_filtered" |
$IPTABLES -A FORWARD -i $INTIF -m mac --mac-source $mac_filtered -j ULOG --ulog-prefix "$mac_filtered -- Filt_DROP" |
$IPTABLES -A FORWARD -i $INTIF -m mac --mac-source $mac_filtered -j NFLOG --nflog-prefix "$mac_filtered -- Filt_DROP" |
$IPTABLES -A FORWARD -i $INTIF -p tcp -m mac --mac-source $mac_filtered -j DROP |
$IPTABLES -A FORWARD -i $INTIF -p udp -m mac --mac-source $mac_filtered -j DROP |
$IPTABLES -A FORWARD -i $INTIF -m mac --mac-source $mac_filtered -j DROP |
/conf/fail2ban.sh |
---|
318,7 → 318,7 |
# <time> unix timestamp of the ban time |
# Values: CMD |
actionban = iptables -I fail2ban-<name> 1 -s <ip> -j ULOG --ulog-prefix "Fail2Ban -- DROP" |
actionban = iptables -I fail2ban-<name> 1 -s <ip> -j NFLOG --nflog-prefix "Fail2Ban -- DROP" |
iptables -I fail2ban-<name> 1 -s <ip> -j DROP |
# Option: actionunban |
330,7 → 330,7 |
# Values: CMD |
# |
actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP |
iptables -D fail2ban-<name> -s <ip> -j ULOG --ulog-prefix "Fail2Ban -- DROP" |
iptables -D fail2ban-<name> -s <ip> -j NFLOG --nflog-prefix "Fail2Ban -- DROP" |
[Init] |