Commit 94af09da authored by Steve Kemp's avatar Steve Kemp
Browse files

bytemark-vhost-firewall (2009.1019-1) stable; urgency=low

  * Supply empty local.d/ and whitelist.d/ directories by default.
    * Log to syslog any IPs which we've temporarily blacklisted.

     -- Steve Kemp <steve@bytemark.co.uk>  Mon, 19 Oct 2009 14:32:21
        +0000
parent 1766ab66
......@@ -89,8 +89,10 @@ use strict;
use warnings;
use English;
use File::Basename;
use Getopt::Long;
use Pod::Usage;
use Sys::Syslog;
......@@ -486,6 +488,12 @@ sub processRules
#
#
#
# Open syslog for logging purposes
#
my $prog = basename($0);
openlog($prog, 'pid', 'user');
my $count = 0;
foreach my $ip ( keys %BLACKLIST )
......@@ -528,6 +536,9 @@ sub processRules
close(LOG);
$CONFIG{ 'verbose' } && print "Blacklisting: $ip\n";
syslog('info', "Blacklisting IP: $ip" );
$count += 1;
}
else
......@@ -545,6 +556,12 @@ sub processRules
}
}
#
# Close syslog
#
closelog();
#
# Return the count of IPs we blacklisted.
......
bytemark-vhost-firewall (2009.1019-1) stable; urgency=low
* Supply empty local.d/ and whitelist.d/ directories by default.
* Log to syslog any IPs which we've temporarily blacklisted.
-- Steve Kemp <steve@bytemark.co.uk> Mon, 19 Oct 2009 14:32:21 +0000
bytemark-vhost-firewall (2009:1009-1) stable; urgency=low
* Our blacklist application now can block on a per-port basis, and
......
......@@ -4,6 +4,8 @@ etc/network/if-up.d
etc/network/if-down.d
usr/share/man/man1
etc/firewall/incoming.d/
etc/firewall/local.d/
etc/firewall/outgoing.d/
etc/firewall/blacklist.d/
etc/firewall/patterns.d/
\ No newline at end of file
etc/firewall/patterns.d/
etc/firewall/whitelist.d/
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment