This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
сервис_portsentry [2017/07/05 08:07] val [Настройка на блокировку с использованием route] |
сервис_portsentry [2020/07/22 08:46] val [Настройка на блокировку с использованием route] |
||
---|---|---|---|
Line 9: | Line 9: | ||
==== Debian/Ubuntu ==== | ==== Debian/Ubuntu ==== | ||
<code> | <code> | ||
- | server# apt install portsentry | + | # apt install portsentry |
- | + | ||
- | server# cd /etc/portsentry/ | + | |
- | </code> | + | |
- | + | ||
- | ==== FreeBSD ==== | + | |
- | <code> | + | |
- | server# pkg install portsentry | + | |
- | + | ||
- | server# cd /usr/local/etc/ | + | |
- | + | ||
- | server# cp portsentry.conf.default portsentry.conf | + | |
- | + | ||
- | server# cp portsentry.ignore.default portsentry.ignore | + | |
</code> | </code> | ||
Line 28: | Line 15: | ||
<code> | <code> | ||
- | server# cat portsentry.conf | + | # cat /etc/portsentry/portsentry.conf |
</code><code> | </code><code> | ||
... | ... | ||
Line 35: | Line 22: | ||
... | ... | ||
</code><code> | </code><code> | ||
- | server# tail -f /var/log/syslog | + | # tail -f /var/log/syslog |
- | или | + | |
- | server# tail -f /var/log/messages | + | |
</code> | </code> | ||
Line 45: | Line 30: | ||
<code> | <code> | ||
- | server# :> /etc/hosts.deny | + | # :> /etc/hosts.deny |
- | server# cat portsentry.conf | + | # cat /etc/portsentry/portsentry.conf |
</code><code> | </code><code> | ||
... | ... | ||
Line 62: | Line 47: | ||
<code> | <code> | ||
- | server# cat portsentry.conf | + | # cat /etc/portsentry/portsentry.conf |
</code><code> | </code><code> | ||
... | ... | ||
+ | # Newer versions of Linux support the reject flag now. This | ||
+ | # is cleaner than the above option. | ||
KILL_ROUTE=... | KILL_ROUTE=... | ||
... | ... | ||
</code><code> | </code><code> | ||
/sbin/route del -host 192.168.N.M reject | /sbin/route del -host 192.168.N.M reject | ||
- | <code> | + | </code> |
===== Просмотр заблокированных хостов ===== | ===== Просмотр заблокированных хостов ===== | ||
<code> | <code> | ||
- | server# cat /var/lib/portsentry/portsentry.blocked.* | + | # cat /var/lib/portsentry/portsentry.blocked.* |
- | или | + | |
- | server# cat /usr/local/etc/portsentry.blocked.* | + | |
</code> | </code> | ||