[Shorewall-users] dynamic blacklisting

Tom Eastep teastep@shorewall.net
Mon, 08 Jul 2002 16:43:34 -0700


Greg M wrote:
> Hi folks,
> 
> If I do...
> 
> shorewall drop x.x.x.x
> 
> Then I do...
> 
> shorewall save
> 
> the blacklist file doesn't seem to be updated.

Did you see anywhere in the documentation that said that it would be 
updated?

> 
> http://www.shorewall.net/blacklisting_support.htm states "save the 
> dynamic blacklisting configuration so that it will be automatically 
> restored the next time that the firewall is restarted".
> 
> This infers the blacklisted ip's will be saved, but where?

/var/lib/shorewall/save.

> 
> Am I misinterpreting the documentation on how this feature works?

Yes and No

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net