blocking attacks with shorewall+denyhosts (was Re: iptables out of memory?)
jkinz at kinz.org
jkinz at kinz.org
Sat Jan 31 10:42:00 EST 2009
On Thu, Jan 29, 2009 at 05:57:24PM -0500, Alan Johnson wrote:
> Very sweet! I'll have to look into that. I've had good experience with
> shorewall in the past, and there is a nice webmin module for it, but I've
> been holding off in this case it since iptables is easy enough to use for my
> simple IPA blocks, and I expect better perfomance with iptables since it is
> built into the kernel, but I don't really know.
IIRC Shorewall is front end to iptables so getting the same
performance is possible, in theory - depending on what Shorewall
does for you that you may not want. :-)
Jeff Kinz
--
More information about the gnhlug-discuss
mailing list