[CentOS] Apache Changing IPtables C 5.6 via Apache

Sun Aug 21 20:08:54 UTC 2011
Patrick Lists <centos-list at puzzled.xs4all.nl>

On 08/21/2011 02:34 PM, Craig White wrote:
>> Maybe SELinux blocks Apache from writing to /etc/sysconfig/iptables?
>> Have you looked at fail2ban and denyhosts? These apps seem to offer a
>> similar solution.
> ----
> fail2ban and denyhosts center on failed logins - I don't think this is
> what he is dealing with.

Afaik both are configurable for what you want them to listen for and how 
you want them to react to. Agree that their popular use is for listening 
for failed logins and then blocking the originating IP address. But with 
a little regex creativity, perhaps Paul could use them for his purpose.

Regards,
Patrick