do an e2fsck on /opt.
i guess the file system needs to be checked.
wengi
Printable View
do an e2fsck on /opt.
i guess the file system needs to be checked.
wengi
[admin@ASUS_160GB /opt]$ e2fsck /dev/discs/disc0/part2Quote:
Originally Posted by wengi
e2fsck 1.41.2 (02-Oct-2008)
/dev/discs/disc0/part2 is mounted.
WARNING!!! Running e2fsck on a mounted filesystem may cause
SEVERE filesystem damage.
Is it safe to run or better be unmounted? And it is possible to run when /opt is unmounted? (When speaking about unmounting I dont know how to unmount :( umount /dev/discs/disc0/part2 doesnt working) umount: Couldn't umount /dev/scsi/host0/bus0/target0/lun0/part2: Invalid argument
And which parameters to use with e2fsck ? Is it e2fsck /dev/discs/disc0/part2 ok?
stop all services running on /opt so it is not used any more.
then unmount /opt
wengi
Can you help me to find what more is running at /opt?Quote:
Originally Posted by wengi
[admin@ASUS_160GB root]$ ps axf
PID TTY STAT TIME COMMAND
1 ? S 0:01 /sbin/init
2 ? S 0:00 [keventd]
3 ? SN 0:00 [ksoftirqd_CPU0]
4 ? S 0:00 [kswapd]
5 ? S 0:00 [bdflush]
6 ? S 0:00 [kupdated]
7 ? S 0:00 [mtdblockd]
61 ? S 0:00 telnetd
66 ? S 0:00 httpd
71 ? S 0:00 klogd
72 ? S 0:00 [khubd]
80 ? Ss 0:00 lpd
82 ? Ss 0:00 p9100d -f /dev/usb/lp0 0
86 ? Ss 0:00 waveservermain
88 ? Ss 0:00 rcamdmain
92 ? S 0:00 [usb-storage-0]
93 ? S 0:00 [scsi_eh_0]
95 ? Ss 0:00 infosvr br0
96 ? Ss 0:00 watchdog
97 ? Ss 0:00 \_ ntp
105 ? S 0:00 dropbear
117 ? Rs 0:00 \_ dropbear
149 pts/0 Ss 0:00 \_ -sh
197 pts/0 R+ 0:00 \_ ps axf
124 ? S 0:00 [kjournald]
125 ? S 0:00 [kjournald]
128 ? Ss 0:00 /usr/sbin/vsftpd
130 ? Ss 0:00 /usr/sbin/nmbd -D
132 ? Ss 0:00 /usr/sbin/smbd -D
[admin@ASUS_160GB root]$ umount /dev/discs/disc0/part2
umount: Couldn't umount /dev/scsi/host0/bus0/target0/lun0/part2: Invalid argument
You should tryif you get a "umount: cannot umount /opt: Device or resource busy" then begin to kill services.Code:umount /opt
i would guess vsftp and smb.
wengi
Hi, I was unsuccesfull again :( Killed everything what I thing and still cant unmount.Quote:
Originally Posted by wengi
Is it possible to change pre-mount at /usr/local/sbin to not mount disc and restart and check it?
I have pre-mount from you. How i can modify it? Thanks a lot.
the simplest way is just:
flashfs disable && reboot
after that disk will be automounted to something like /tmp/mnt/diskX_Y (check exact name), but none of the services related to disk will be started. Then you
umount /tmp/mnt/diskX_Y
now it should work. Then run e2fsck. When you finished:
flashfs enabled && reboot
:confused: flashfs disable && reboot gives me:Quote:
Originally Posted by al37919
[admin@ASUS_160GB root]$ flashfs disable && reboot
/sbin/flashfs: /sbin/flashfs: 20: cat: Permission denied
/sbin/flashfs: /sbin/flashfs: 73: nvram: Permission denied
/sbin/flashfs: /sbin/flashfs: 73: nvram: Permission denied
EDIT: So, i tried this flashfs disable && reboot in few seconds after restart (before router mounted discs) and now i cannot connect with putty to it (gives me connection refused). But I discovered that i can access command line from web interface and finally unomunted it :)
Then i run e2fsck and it gives me that it needs terminal to interactive. So I tried e2fsck -p and then I flashfs enabled && reboot. But Problem is still the same.
[admin@ASUS_160GB root]$ ipkg update
Downloading http://ipkg.nslu2-linux.org/feeds/op...le/Packages.gz
sh: wget: Permission denied
An error ocurred, return value: 1.
Collected errors:
ipkg_download: ERROR: Command failed with return value 127: `wget -q -P /opt/ipkg-6AXChz http://ipkg.nslu2-linux.org/feeds/op...le/Packages.gz'
Maybe e2fsck takes a longer time. How long for 1GB? Or how parameters I must use with e2fsck from web interface? :)
For info I typed to system command: e2fsck -p /dev/discs/disc0/part2
And it gives: /dev/discs/disc0/part2: clean, 8240/125696 files, 30375/251015 blocks (check in 4 mounts)
EDIT2: So I rebooted 4times to force e2fsck to check disc and to be sure run again e2fsck -p /dev/discs/disc0/part2 but after flashfs enabled && reboot again:
ipkg update
sh: wget: Permission denied
It is possible somehow to do e2fsck with putty? :)
I have an Asus WL500GPV2 and I decided to try Oleg after dd-wrt (eko's NEWD).
My problem is that I installed OLEG 2.0.1.5 firmware (from forums discussions I found that should be a good choice instead Oleg 3.0.2.6).
I started utelnetd from secret page (utelnetd does not start automatically, I found it in /usr/sbin), and I found no dropbear and no flashfs script on either /bin, /sbin, /usr/bin or usr/sbin.
Can someone give me flashfs script and dropbear to install? And some help to install them?
Thank you very much and I hope to help others too, after I will learn this firmware.
ssh will be disabled, as dropbear is started from flashfsQuote:
But I discovered that i can access command line
you can either start it from web-command-line by typing:
or access router through telnet (it should be enabled in the web interface, but then it starts automatically)PHP Code:dropbear
:D:D:D where did you found so advanced "Oleg's" firmwares?Quote:
My problem is that I installed OLEG 2.0.1.5 firmware (from forums discussions I found that should be a good choice instead Oleg 3.0.2.6).
To the best of my knowledge, the last Oleg's firmware titled 1.9.2.7-10
From this web page top link "Firmware Wizard" ->> asus->wl500gpv2. Link to asus wl500gpv2 download directory -> http://files.wl500g.info/asus/wl500gpv2/firmware/Quote:
Originally Posted by al37919
:(:(:(
it is asus original.
If you wish to get real Oleg's firmware, it is available here: http://oleg.wl500g.info/
For wl500gPv2 better take last version from here: http://oleg.wl500g.info/pre10a/ It seems to be very close to the next bugfix release.
Very fast answer! Thank you! You've just got maximum points :D:D:D!!!Quote:
Originally Posted by al37919
I read first page maybe hundreds times, but I did not think to click the link in the bottom of page! Bad for me!
Again, thank you!
Is there a way I can flash my asus to the previous version of oleg 1.9.2.7-9?
I'm currently on 1.9.2.7-10 but my router crashes every day almost.
Or how can I get the logs to see what is going on there?
I have wl-500gp v2
thank you.
what the problem is? Download and flash.Quote:
Originally Posted by garifo
The best way to way to debug the situation is to get out system console output from the built in serial port. It requires some soldering skills.
More simple way could be to redirect syslog to the external storage, so that you can see if something was posted before the crash. I thing wengi's tutorial has something about that
Thanks, I havent time to test it yet but I have another question on my mind :)Quote:
Originally Posted by al37919
Is it way how to access to LAN computer which have windows sharing? For example best way for me will be through mc :) But probably must be mounted to some directory? Anyone have experience with this? :)
Use TELNET instead of ssh (as posted before).Quote:
Originally Posted by Etor
I do not get the question. You want to do what? With mc?
wengi
First - thanks for the great tutorial, wengi :)
My smb.conf is resetting on reboot so that I lose a couple key manual settings - specifically "encrypt = yes" which is required for access via a Mac. I'm using the onboard samba via the web interface. I added smb.conf to /usr/local/.files
so that it should be saved when I execute "flashfs save && flashfs commit && flashfs enable && reboot" which I've run after making the desired changes to smb.conf. Executing "flashfs load" at the command line after reboot effectively loads my customized smb.conf and I'm fine - but why isn't it loading automatically on reboot? Do I need to add the load to one of the startup scripts? I thought it should automatically run...
THANKS
if you enable samba in the web-interface then /etc/smb.conf is automatically generated based on the settings in it every time you start router. So if you wish to customize smb.conf --- disable samba in web-interface and run from post-boot something like:
PHP Code:/usr/sbin/smbd -D
/usr/sbin/nmbd -D
I didn't realize that about smb.conf - makes sense based on what I'm seeing. I'll give your recommendation a try. THANKS
I have asus wl500gpv2 and installed the latest Oleg WL500gpv2-1.9.2.7-10.7.trx.
Sometimes when I give command "iptables -t nat -L" or "iptables -L" the listing freezes at half. I have to stop it.
I followed Wengi tutorial and I enabled syslogd to log on fixed hdd, but the log does not show anything. I stopped dropbear in post-mount and start sshd (openssh) from /opt, but the behavior is the same.
It seems that ssh console take commands and react slowly. I work with all services stopped: samba, ftp, upnp, and most of the time I have 50% free RAM!!!
By the way, upnp service don't work. Does anybody knows whatever to make it work?
Or should be better to my router model to revert to previously OLEG firmware?(WL500gpv2-1.9.2.7-10.5.trx or so)
Where have you found this firmware?Quote:
Originally Posted by adrianio
Last "original" oleg is WL500gp-1.9.2.7-10.trx
Try this.
adrianio
try -n switch of iptables
kaizen
WL500gpv2-1.9.2.7-10.7.trx is a bugfix pre-release. It has pretty minor changes against 10, but incorporates later wifi driver which performs better for wl500gPv2
what meens this error and how can i fix`it ??
Code:Mar 12 20:37:48 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:37:49 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:37:49 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:37:49 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:37:49 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:37:49 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:37:49 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:37:49 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:37:49 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:37:49 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:37:53 kernel: NET: 85 messages suppressed.
Mar 12 20:37:53 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:37:58 kernel: NET: 91 messages suppressed.
Mar 12 20:37:58 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:38:03 kernel: NET: 141 messages suppressed.
Mar 12 20:38:03 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:38:08 kernel: NET: 134 messages suppressed.
Mar 12 20:38:08 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:38:13 kernel: NET: 170 messages suppressed.
Mar 12 20:38:13 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:38:18 kernel: NET: 174 messages suppressed.
Mar 12 20:38:18 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:38:23 kernel: NET: 157 messages suppressed.
Mar 12 20:38:23 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:38:28 kernel: NET: 189 messages suppressed.
Mar 12 20:38:28 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:38:33 kernel: NET: 180 messages suppressed.
Mar 12 20:38:33 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:38:38 kernel: NET: 173 messages suppressed.
Mar 12 20:38:38 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:38:43 kernel: NET: 226 messages suppressed.
Mar 12 20:38:43 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:38:48 kernel: NET: 158 messages suppressed.
Mar 12 20:38:48 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:38:53 kernel: NET: 190 messages suppressed.
Mar 12 20:38:53 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:38:58 kernel: NET: 185 messages suppressed.
Mar 12 20:38:58 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:39:03 kernel: NET: 178 messages suppressed.
Mar 12 20:39:03 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:39:08 kernel: NET: 212 messages suppressed.
Mar 12 20:39:08 kernel: ip_conntrack: table full, dropping packet.
Mar 12 20:55:43 ntp client: Synchronizing time with time.nist.gov ...
Mar 12 21:46:29 kernel: NET: 48 messages suppressed.
Mar 12 21:46:29 kernel: ip_conntrack: table full, dropping packet.
Mar 12 21:46:29 kernel: ip_conntrack: table full, dropping packet.
Mar 12 21:46:29 kernel: ip_conntrack: table full, dropping packet.
Mar 12 21:46:29 kernel: ip_conntrack: table full, dropping packet.
Mar 12 21:46:29 kernel: ip_conntrack: table full, dropping packet.
Mar 12 21:46:29 kernel: ip_conntrack: table full, dropping packet.
Mar 12 21:46:29 kernel: ip_conntrack: table full, dropping packet.
Mar 12 21:46:29 kernel: ip_conntrack: table full, dropping packet.
Mar 12 21:46:29 kernel: ip_conntrack: table full, dropping packet.
Mar 12 21:46:29 kernel: ip_conntrack: table full, dropping packet.
Mar 12 21:46:34 kernel: NET: 81 messages suppressed.
Mar 12 21:46:34 kernel: ip_conntrack: table full, dropping packet.
Mar 12 21:46:39 kernel: NET: 133 messages suppressed.
Mar 12 21:46:39 kernel: ip_conntrack: table full, dropping packet.
Mar 12 21:46:44 kernel: NET: 162 messages suppressed.
Mar 12 21:46:44 kernel: ip_conntrack: table full, dropping packet.
Mar 12 21:46:49 kernel: NET: 174 messages suppressed.
Mar 12 21:46:49 kernel: ip_conntrack: table full, dropping packet.
Mar 12 21:46:54 kernel: NET: 200 messages suppressed.
Mar 12 21:46:54 kernel: ip_conntrack: table full, dropping packet.
Mar 12 21:46:59 kernel: NET: 233 messages suppressed.
Mar 12 21:46:59 kernel: ip_conntrack: table full, dropping packet.
Mar 12 21:47:04 kernel: NET: 233 messages suppressed.
Mar 12 21:47:04 kernel: ip_conntrack: table full, dropping packet.
i found this solution, is ok???
Increasing the table size
The maximum number of connections tracked can be found by:
Time to double to number of connections that the table can track:Code:cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
4096
and add the lineCode:nano /etc/sysctl.conf
reload the sysctl.confCode:net.ipv4.netfilter.ip_conntrack_max = 131072
and result:Code:sysctl -p
Code:net.ipv4.netfilter.ip_conntrack_max = 131072
you can edit this value from the web-interface in the firewall -> basic config
I'd suggest you to research this topic more seriously, because this conntrack table takes RAM. For such device with pretty limited memory 128K imho is too huge table
Thank you, Kaizen!Quote:
Originally Posted by kaizen
I have installed this firmware and it seems to be a stable version. It is just enough for what I need. And wireless driver perform very well. Next week I will test it with lot of optware packages. I want to stop services and start'em when I need with xinetd to keep RAM memory free.
By the way, does anybody knows command line switches to start web interface and pass them to xinetd?
I think that's good for OLEG firmware to have an motd login (as OpenWRT and DD-WRT does).
And motd should be like so. So put file motd (without the extension ".txt") in /etc folder, edit /usr/local/.files and add "/etc/motd", save flash with "flashfs save && flashfs commit && flashfs enable && reboot". When log with dropbear, after login, logo will apear in console window.
To put the file on the router, I recommend using WinSCP (is freeware and "a must use" ) :)
So, "OLEG powered WL"
;):)
it's impossible, and to kill it eitherQuote:
By the way, does anybody knows command line switches to start web interface and pass them to xinetd?
I added the 2 lines to post-boot (but it's "smbd -D" and "nmbd -D" as lowercase "-d" is for debug level) and disabled samba in the webinterface. Did the flashfs commit save reboot thing but samba didn't load on reboot - those processes didn't appear in the list from ps axf. But, if I manually run post-boot from the command line, samba is loaded and runs fine.Quote:
Originally Posted by al37919
It seems post-boot isn't running after the boot - is that possible? Since I can run post-boot from the command line, it seems it's executable. The only difference from straight wengi tut is I have the swap on USB stick on disc1 and USB HDD for shared storage on disc0.
Any ideas?
put it in post-mount
it probably starts from post-boot, but exits directly cause it's missing the harddisk
thanks for the correction
you can make sure that post-boot is executed by adding to it:
afterwards you can check presence of this line in the syslog.PHP Code:logger -t post-boot "$* started."
I'm not sure if the storage should be mounted to run samba (when post-boot is executed possibly it is not running yet). So, try to put it in the post-mount
If post mount could be executed multiple times better approach could be:
DrChair: you was faster than me :)PHP Code:killall smbd && /usr/sbin/smbd -D
This worked, thanks. :DQuote:
Originally Posted by DrChair
al37919, I didn't add the extra code you suggested, I don't understand what it tries to do - but it seems just having smbd -D and nmbd -D in post-mount does what I need. Is there a reason I need that additional code?
Also, I stuck the logger code in both post-boot and post-mount. post-mount wrote to the syslog, but post-boot did not!? It seems like I have an issue with post-boot running, right? Any ideas on how to troubleshoot this/fix?
Thank you for your help and responsiveness!
hi! my provider has changed connection from pptp to ppoe and after that transmission stoped transers. it accesable wia web interface but shows 0 transers. what can be the source of the problem?
Code:PID TTY STAT TIME COMMAND
1 ? S 0:01 /sbin/init
2 ? S 0:00 [keventd]
3 ? SN 0:00 [ksoftirqd_CPU0]
4 ? S 0:00 [kswapd]
5 ? S 0:00 [bdflush]
6 ? S 0:00 [kupdated]
7 ? S 0:00 [mtdblockd]
57 ? S 0:00 telnetd
62 ? S 0:01 httpd vlan1
68 ? S 0:00 klogd
71 ? Ss 0:01 nas /tmp/nas.lan.conf /tmp/nas.lan.pid lan
73 ? S 0:00 [dnsmasq]
75 ? S 0:00 [khubd]
84 ? Ss 0:00 lpd
86 ? Ss 0:00 p9100d -f /dev/usb/lp0 0
89 ? Ss 0:00 waveservermain
91 ? Ss 0:00 rcamdmain
95 ? S 0:00 [usb-storage-0]
96 ? S 0:00 [scsi_eh_0]
103 ? S 0:00 [portmap]
105 ? Ss 0:00 /usr/sbin/statd
107 ? S 0:00 [nfsd]
108 ? S 0:00 [lockd]
109 ? S 0:00 \_ [rpciod]
111 ? Ss 0:00 /usr/sbin/mountd
126 ? S 0:00 udhcpc -i vlan1 -p /var/run/udhcpc0.pid -s /tmp/udhcp
127 ? Ss 0:00 pppd file /tmp/ppp/options.wan0
129 ? Ss 0:00 infosvr br0
130 ? Ss 0:00 watchdog
133 ? Ss 0:00 \_ ntp
147 ? S 0:00 dropbear
238 ? Ss 0:00 \_ dropbear
239 pts/1 Ss 0:00 \_ -sh
243 pts/1 R+ 0:00 \_ ps axf
156 ? S 0:01 upnp -D -L br0 -W ppp0
172 ? S 0:00 [kjournald]
173 ? S 0:00 [kjournald]
201 ? S 0:00 /sbin/syslogd -m 0 -O /opt/var/log/syslog.log -S -l 7
207 ? Ss 0:00 /opt/sbin/cron
232 ? S 0:08 /opt/bin/transmission-daemon -g /tmp/harddisk/transmi
233 ? S 0:00 \_ /opt/bin/transmission-daemon -g /tmp/harddisk/tra
234 ? S 0:20 \_ /opt/bin/transmission-daemon -g /tmp/harddisk
237 ? R 19:19 vi /opt/etc/init.d/S05syslogd
I installed from your link WL500gpv2-1.9.2.7-d-r160.trxQuote:
Originally Posted by kaizen
That's OK. I see in this firmware lot of good things:
- kernel update to "Linux version 2.4.37";
- SSH configuration from webif;
- firewall configuration for "brute force attacks" from webif (although when I "iptables-save > /opt/tmp/iptables" - I cannot see rules installed :) )
Big problem:
I test swap working with "ipkg remove perl" + "ipkg install perl" and give in another putty window command "watch -n 1 free". So, swap memory does not entered working state (it is showed up, but not used). In time of perl installation free memory decrease till 500kb!
The same test I do with "WL500gpv2-1.9.2.7-10.7.trx" and in time of installation process swap begins swapping.
I see in log file some brute force attacks for SSH and FTP servers and trying to limit FTP logon incoming connections:
But in both firmware versions it seems that we have no support:Code:iptables -I INPUT 1 -p tcp -m tcp --dport 21 -m state --state NEW -m recent --set
iptables -I INPUT 2 -p tcp -m tcp --dport 21 -m state --state NEW -m recent --update --seconds 180 --hitcount 5 -j DROP
Code:iptables: No chain/target/match by that name
I'll answer to myself:
So, there is iptables module to insert to make these commands available: ipt_recent.o
in 1.9.2.7-d this module should be loaded automatically and rules added to INPUT chain if wan access to ssh or ftp server is enabled in the web-interface and corresponding bruteforce protection option is selected
First,
thanks for really great HOW TO, it helped me, because I'm linux beginner.
Anyway now I stucked on problem with samba. It showes me that my shares are only 20MB big, although my 3rd partition is 450GB big. I really don't know how to solve it. I searched nearly the whole internet :mad:
Help will be greatly appreciated.
Thanks Jakub
Reading log file I found that:
And these tryies are listing for about an hour, every second (they tryied user mysql,apache and test too)!!!Code:Mar 17 01:38:44 pure-ftpd: (?@115.168.51.137) [INFO] New connection from 115.168.51.137
Mar 17 01:38:45 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:38:49 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:38:57 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:39:08 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:39:21 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:39:37 pure-ftpd: (?@115.168.51.137) [ERROR] Too many authentication failures
Mar 17 01:39:41 pure-ftpd: (?@115.168.51.137) [INFO] New connection from 115.168.51.137
Mar 17 01:39:42 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:39:47 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:39:55 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:40:06 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:40:21 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:40:38 pure-ftpd: (?@115.168.51.137) [ERROR] Too many authentication failures
But I have inserted correct rules in /usr/local/sbin/post-firewall:
These rules, I find'em too when do "iptables -nL INPUT". The same rules.Code:iptables -I INPUT 1 -p tcp -m tcp --dport 21 -m state --state NEW -m recent --set
iptables -I INPUT 2 -p tcp -m tcp --dport 21 -m state --state NEW -m recent --update --seconds 160 --hitcount 8 -j DROP
BUT.....SURPRISE when I do "iptables-save /opt/tmp/iptables" and read the file I found:Code:Chain INPUT (policy ACCEPT)
target prot opt source destination
tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 state NEW recent: SET name: DEFAULT side: source
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 state NEW recent: UPDATE seconds: 160 hit_count: 8 name: DEFAULT side: source
ACCEPT tcp -- 0.0.0.0/0 192.168.1.1 tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 192.168.1.1 tcp dpt:21
ACCEPT tcp -- 0.0.0.0/0 192.168.1.1 tcp dpts:65100:65150
And I saved this firewall after powering on the router (so the router had some hours to rest and clear memory)!!!!Code:-A INPUT -p tcp -m tcp --dport 21 -m state --state NEW -m recent recent: seconds: 1701970168 hit_count: 1953391971 name: side: source
-A INPUT -p tcp -m tcp --dport 21 -m state --state NEW -m recent recent: seconds: 1701970168 hit_count: 1953391971 name: side: source -j DROP
What's that????
:eek: