Virusprot change DROP to REJECT
-
Good day,
I need some help... It's possible modify virusprot configuration? Change DROP policies to REJECT
Thanks in advance!
Ralz. -
Not easily, there's no config setting to do that. You could do it by patching the file that generates that rule if you really need to.
Steve
-
Thanks Steve.
Do you know what file?
Ralz.
-
-
Thanks Steve.
I will check.
Ralz.
-
I think i have to change this:
$ipfrules .= "block in {$log['block']} quick from <virusprot> to any ridentifier 1000000400 label \"virusprot overload table\"\n";with this:
$ipfrules .= "block return {$log['block']} quick from <virusprot> to any ridentifier 1000000400 label \"virusprot overload table\"\n";basically adding 'return' after 'block'
may it be correct, Stephen? would this small change have there be any further implication anywhere else?
Thanks,
Ralz
-
I expect it to be:
$ipfrules .= "block return in {$log['block']} quick from <virusprot> to any ridentifier 1000000400 label \"virusprot overload table\"\n";I wouldn't expect it to make any difference to anything else but there's always a chance of typoing something when editing a file like that.
-
Thanks Stephen
