[firewall] blackliste flood sur le triplet (srcip,dstip,dstport)

darcs-hash:20101022230405-ffbb2-20d9df0fe510e90cef68a0b8b486db7da77a3b09.gz
2010-10-23 01:04:05 +02:00 · 2010-10-23 01:04:05 +02:00 · 7c2eeca43c
commit 7c2eeca43c
parent 3dac6eebf5
1 changed files with 1 additions and 1 deletions
--- a/gestion/gen_confs/firewall.py
+++ b/gestion/gen_confs/firewall.py
@ -113,7 +113,7 @@ class firewall_crans :

    limit = " -m limit --limit 10/s --limit-burst 10 "
    log_template = '-m limit --limit 1/s --limit-burst 1 -j LOG --log-level notice --log-prefix '
-    filtre_flood =  '-m hashlimit --hashlimit 20 --hashlimit-mode srcip --hashlimit-name flood'
+    filtre_flood =  '-m hashlimit --hashlimit 20/second --hashlimit-mode srcip,dstip,dstport --hashlimit-name flood'

    machines = []
    debug = 1