[CentOS] Apache Changing IPtables C 5.6 via Apache
Patrick Lists
centos-list at puzzled.xs4all.nl
Sun Aug 21 20:08:54 UTC 2011
On 08/21/2011 02:34 PM, Craig White wrote:
>> Maybe SELinux blocks Apache from writing to /etc/sysconfig/iptables?
>> Have you looked at fail2ban and denyhosts? These apps seem to offer a
>> similar solution.
> ----
> fail2ban and denyhosts center on failed logins - I don't think this is
> what he is dealing with.
Afaik both are configurable for what you want them to listen for and how
you want them to react to. Agree that their popular use is for listening
for failed logins and then blocking the originating IP address. But with
a little regex creativity, perhaps Paul could use them for his purpose.
Regards,
Patrick
More information about the CentOS
mailing list