[Firehol-support] Re: Integrating ipt_recent with FireHOL

Costa Tsaousis costa at tsaousis.gr
Sat Nov 12 12:11:47 GMT 2005

I will try to answer all questions:

Q: Rick Marshall wrote:
really need the option to not log the overflow connections - it's the 
0.5MB email i get every day from the log files that i want to reduce. 
and i've noticed that the ssh username lists used to attack servers is 
getting very long now.

A: Check the documentation for FIREHOL_LOG_FREQUENCY. I also suggest 
using ULOGD to isolate the firewall logs from the system logs.

Q: Redeeman wrote:
nice, i see you haven't committed to cvs though..
when do you think this will be released in a public release?

A: I always submit everything to the CVS. However, the public CVS server 
on SF.NET usually is 24 hours behind. That is why I also give you 
http://firehol.sf.net/firehol.tar.gz. This file is produced from the 
SF.NET CVS server.

Q: Redeeman wrote:
btw, the man pages specify config file as /etc/firehol.conf, while the 
script still uses /etc/firehol/firehol.conf :)

A: I have updated them. Thanks.

Now, about the recent match, you should know that:

1. Kernel versions prior to 2.6.13 may have issues. Check these:

2. There are a few limitations you should be aware of. For example, only 
the last 100 hosts are checked.
Check this: 

