From nobody Wed Sep 18 22:59:06 2024 X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4X8Dbx3WQYz5W8xh for ; Wed, 18 Sep 2024 22:59:09 +0000 (UTC) (envelope-from steffen@sdaoden.eu) Received: from sdaoden.eu (sdaoden.eu [217.144.132.164]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4X8Dbx1Bp5z3xf2 for ; Wed, 18 Sep 2024 22:59:09 +0000 (UTC) (envelope-from steffen@sdaoden.eu) Authentication-Results: mx1.freebsd.org; none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sdaoden.eu; s=citron; t=1726700347; x=1727367013; h=date:author:from:to:cc:subject: message-id:in-reply-to:references:mail-followup-to:openpgp:blahblahblah: author:from:subject:date:to:cc:resent-author:resent-date:resent-from: resent-sender:resent-to:resent-cc:resent-reply-to:resent-message-id: in-reply-to:references:mime-version:content-type: content-transfer-encoding:content-disposition:content-id: content-description:message-id:mail-followup-to:openpgp:blahblahblah; bh=spHwSB6l/3lhoFB5RWdamEfwixdT2Vc6dV+z8zOoo+s=; b=awxY5fUgCPVFu/RXOngjt9WZ8KOJyju2jalh+HzadXBCWN5fCWPy8lOKU5B+IKzFBTz0j4ZR aeaYC+IyPnY/06drvPI6OhhMWPDsyrXv7cQDU2nEDsnd7PGKIASnQurF59qBiovVkr7dl78+M2 9nr+BjMKrXtpgHNCVrNB3VLRZOo6FB3DyKkvAQEt1ufuzp6bq5AiDLqD0qUQiWJwE+kQvlwDRX oFuwZ6XdvFMM4g3shuNNG6WFzNYAHLBDuEOuNlMJYhT5dGeIFTGJvQsUwQhYN8wUvrgaeeleDz fcChbz5cDYqp/y03Q84fwOIkSdnXCTq9savAlUBkL/FteX8Q== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=sdaoden.eu; s=orange; t=1726700347; x=1727367013; h=date:author:from:to:cc:subject: message-id:in-reply-to:references:mail-followup-to:openpgp:blahblahblah: author:from:subject:date:to:cc:resent-author:resent-date:resent-from: resent-sender:resent-to:resent-cc:resent-reply-to:resent-message-id: in-reply-to:references:mime-version:content-type: content-transfer-encoding:content-disposition:content-id: content-description:message-id:mail-followup-to:openpgp:blahblahblah; bh=spHwSB6l/3lhoFB5RWdamEfwixdT2Vc6dV+z8zOoo+s=; b=8jlR+kEh+NMQK06LdBQVHq4rnOTilBAyR5Dh+nQ/joPBuzcwyF5vCB7jWjxYt8S/fqhvT+3y dF5ZnRn/BgvhCQ== Date: Thu, 19 Sep 2024 00:59:06 +0200 Author: Steffen Nurpmeso From: Steffen Nurpmeso To: fuxjez Cc: Miroslav Lachman <000.fbsd@quip.cz>, freebsd-stable@freebsd.org Subject: Re: issues with syslogd include redirecting wg0 output to custom location Message-ID: <20240918225906.Npft_PNY@steffen%sdaoden.eu> In-Reply-To: <0019d1f0-0b84-448d-8ecd-5b1619103139@osfux.nl> References: <4250c967-61c7-419a-b542-455a8f655dd1@osfux.nl> <0019d1f0-0b84-448d-8ecd-5b1619103139@osfux.nl> Mail-Followup-To: fuxjez , Miroslav Lachman <000.fbsd@quip.cz>, freebsd-stable@freebsd.org User-Agent: s-nail v14.9.25-608-ge479530e8d OpenPGP: id=EE19E1C1F2F7054F8D3954D8308964B51883A0DD; url=https://ftp.sdaoden.eu/steffen.asc; preference=signencrypt BlahBlahBlah: Any stupid boy can crush a beetle. But all the professors in the world can make no bugs. X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15987, ipnet:217.144.128.0/20, country:DE] X-Rspamd-Queue-Id: 4X8Dbx1Bp5z3xf2 X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-stable@freebsd.org Sender: owner-freebsd-stable@FreeBSD.org fuxjez wrote in <0019d1f0-0b84-448d-8ecd-5b1619103139@osfux.nl>: It is on Linux aka iptables, and maybe the implementations differ in that respect, but i have super strict rules for my WireGuard ports, which is easy because WireGuard moves established connections to different ports (and to outside "normal" FILTER table matching, aka, they become "invisible" to these rules). Like that i can allow some tries in a certain amount of time, otherwise (log and) block the source, without any textual log parser doing work behind the scenes. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt)