Re: Dabase BAcked IPTables - Eliezer Croitoru

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Eliezer Croitoru <eliezer@ngtech.co.il>
To: Nick Khamis <symack@gmail.com>
Cc: netfilter@vger.kernel.org
Subject: Re: Dabase BAcked IPTables
Date: Sat, 29 Jun 2013 17:47:29 +0300	[thread overview]
Message-ID: <51CEF381.9000701@ngtech.co.il> (raw)
In-Reply-To: <CAGWRaZbhje76Lxxp_jr=xGpshyPYz-=k=H3N_XEgeH3nmqPJMg@mail.gmail.com>

The internet works on IP not on mac....
it's like "I want to buy a car who don't move"
OK NP just buy something else then a car...

ipset is the tool and you would need couple security levels in order to 
prevent spoofing and defending aginst Some malicious attempts on this 
site..

Eliezer

On 06/29/2013 04:21 AM, Nick Khamis wrote:
> Ooops, I realized how many blanks I am leaving in my messages. The
> website is only used to allow the user to enter their mac address in
> order to have access to our services (not HTTP).
>
> Yes, ./iptables.sh is the ruleset script.
>
>>> When you update your ipset, any rule referring to that set uses the
>>> new set right away. There would be no point in dumping and then
>>> reloading your ruleset.
>
> Hmm, this covers adding *new* mac or even ip addresses however, how
> would delete/modify existing entries dynamically.
>
> Kind Regards.
>
> Nick.
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>

     prev parent reply	other threads:[~2013-06-29 14:47 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-06-28 15:01 Dabase BAcked IPTables Nick Khamis
2013-06-28 15:12 ` Ricardo Klein
2013-06-29 18:19   ` Jozsef Kadlecsik
2013-06-29 20:10     ` Andrew Beverley
2013-06-29 20:39       ` Nick Khamis
2013-06-29 21:00         ` Neal Murphy
2013-06-29 23:12           ` Nick Khamis
2013-06-30 12:13             ` Dash Four
2013-06-30 13:27               ` Nick Khamis
2013-06-28 23:19 ` /dev/rob0
2013-06-29  0:00   ` Ricardo Klein
2013-06-29  0:05   ` Nick Khamis
2013-06-29  0:28     ` /dev/rob0
2013-06-29  1:21       ` Nick Khamis
2013-06-29 14:47         ` Eliezer Croitoru [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=51CEF381.9000701@ngtech.co.il \
    --to=eliezer@ngtech.co.il \
    --cc=netfilter@vger.kernel.org \
    --cc=symack@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.