Date: Thu, 19 Sep 2024 00:59:06 +0200 From: Steffen Nurpmeso <steffen@sdaoden.eu> To: fuxjez <mail@osfux.nl> Cc: Miroslav Lachman <000.fbsd@quip.cz>, freebsd-stable@freebsd.org Subject: Re: issues with syslogd include redirecting wg0 output to custom location Message-ID: <20240918225906.Npft_PNY@steffen%sdaoden.eu> In-Reply-To: <0019d1f0-0b84-448d-8ecd-5b1619103139@osfux.nl> References: <f1eb51eb-6934-4717-bca5-31f24a6988d1@osfux.nl> <ea1b110e-2605-4b81-8eb8-df4e79821c17@quip.cz> <4250c967-61c7-419a-b542-455a8f655dd1@osfux.nl> <0019d1f0-0b84-448d-8ecd-5b1619103139@osfux.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
fuxjez wrote in <0019d1f0-0b84-448d-8ecd-5b1619103139@osfux.nl>: It is on Linux aka iptables, and maybe the implementations differ in that respect, but i have super strict rules for my WireGuard ports, which is easy because WireGuard moves established connections to different ports (and to outside "normal" FILTER table matching, aka, they become "invisible" to these rules). Like that i can allow some tries in a certain amount of time, otherwise (log and) block the source, without any textual log parser doing work behind the scenes. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20240918225906.Npft_PNY>