Talk:Iptables
I've got some jerk who's repeatedly trying to get into my computer, (59 attempts on root, 42 attempts on unknown), every single day.
I'm trying to do a ban. I saw this...
iptables -A INPUT -p tcp -sport xxx.xxx.xxx.xxx -j REJECT --reject-with tcp-reset
...on a web page, but I'm kind of suspicious.
Isn't -sport supposed to be followed by a port name?
I'd like to just say: "Don't accept anything at all from this IP address."
I'd also like to be able to reverse it at some time in the future.
-- LionKimbro
Here's another one that seems better to me:
iptables -A INPUT -p ALL -s xxx.xxx.xxx.xxx -j REJECT
This approach seems to make more sense, because it looks like it will reject everything. The tradeoff seems to be inability to use "tcp-reset," which seems to be able to prevent some probes of some sort.
-- LionKimbro
I also wonder: How do you confirm that the ban was actually instated, and working? It seems like it's hard to pretend to be another computer with the given IP address. I suppose for now, I'll just check my root mail, to see if connection attempts are still being made.
-- LionKimbro
Dunno man, ask over at the LQ forums. Crazyeddie 15:53, Sep 10, 2004 (EDT)
- No, that's dumb. You can't refactor a q&a session in the LQ forums.
- Wiki is superior. :)
- After the questions & answers are done, you can make everything nice.
- -- LionKimbro
- Lion, on the Wiki discussion pages is about article content, not how to use or do whatever is in the articles. Ask at the forums, or your questions may not be answered. Dysprosia 00:10, Sep 12, 2004 (EDT)
Crazyeddie is right. This is not the right place to ask questions, The discussion forums are for that purpose. -Scapade
- quoting Lion, "Wiki is superior."
Woah, did anybody else have a flash to "The Terrible Secret of Space"? Or maybe I just need more sleep. Or less internet memes. Anyway, my take on tech support questions in the wiki: The best place to ask them is the LQ forums. If they are trivial, and you are too lazy to leave the wiki, then go ahead and ask them. A reasonably good definition of a non-trivial question is if it stumps someone who has just stepped up from being a noob. Like me. (Of course, I may be giving myself too much credit.) Keep in mind that we are under no obligation, even by convention, to answer you - it just isn't the purpose of this wiki. Also, you will probably get a better response from the LQ wiki. I suspect that the answer-providers at the LQ forums have a lot more Linux experience than the average LQwiki contributor. It takes quite a bit of confidence to try to help someone with their problems, and many LQwikiers are here to research in addition to contributing. Plus, I suspect one of the reasons the LQ started this wiki was to get more traffic to the forums, and it might not be a good idea to tick off the landlords.
My views are actually on the tolerant end of the spectrum when it comes to this question - I think one of the other moderators has a boilerplate "bugger off" message that he uses in response to tech support questions. Crazyeddie 03:07, Sep 12, 2004 (EDT)
For anyone whose interested.... the "official line" is to refer members to the forum section to ask questions - that's what it's there for.... ;) --Skyline 07:00, Sep 12, 2004 (EDT)
My line is that without a nice way to connect between the forums and the wiki, then they are basically like two seperate universes, and don't benefit from each other.
Two ways to solve this problem:
- Make it very easy to attach threads to pages.
- Make it very easy to attach pages to threads.
For attaching pages to threads, you'd want something (if I don't mind saying so) something like Local Names. This makes it so you can refer to wiki pages within the forums just like we do in here- you put two brackets on the sides of the words, and they automatically link to the wiki page. This affords use of the wiki from within the forums.
For making it easy to attach threads to pages, I would think it might work something like this: When you create a thread, you can also specify what wiki pages the thread should be attached to. If you were having a problem getting Inkscape to work with Fedora Core 3, for example, perhaps you would attach the thread to the InkscApe page. Even if the Inkscape page did not exist yet. Then, if you were on the discussion page for Inkscape, you would see, near either the top or bottom, the list of threads going on relating to the page.
This would make it clear what types of questions people are having about the subject, and it would suggest what kinds of things need to go into the article.
But as it is now, it is like the Wiki and the Forums are two completely different universes, only aligned together by style. Style is helpful, but it's not helping very much.
Being dedicated to the development of the content in this wiki, but also having questions, I feel that the easiest go-between is to just ask the questions in the discussion page on the wiki, since it is easier to make a wiki discussion page act like a forum, than it is to make a forum page act like a wiki page. That is: Given two seperate universes, I have to choose (basically) one or the other. Since the wiki universe can emulate the forums, but not vice versa, I feel compelled (right or wrong, I feel compelled) to ask questions on the wiki.
Now, I am busy putting this design issue in front of the right people. (You can see some of my efforts.)
I recognize that you are not all interested in the redesign of the site software, however.
So, perhaps the go-between should be this: Ask questions in the forum, but manually place links between the forum pages and the relevant wiki pages.
That is: place a link from the discussion page to the forum thread, and place a link from forum threads (in new messages) to any relevant wiki entries.
I hope that the problems are understood, and that my approach seems reasonable to people. I am not inflexible, merely frustrated.
You can link to the wiki from the forums now. Just write [[article name]], and the forum software will take care of the rest. I suppose you could also do an external link to a forum thread. Basically, what we need now are forum goers who know about this feature, and know enough about the wiki to link to relevant articles. Crazyeddie 18:45, Feb 8, 2005 (EST)