Andrew Kelly wrote:
On Wed, 2008-10-22 at 11:30 -0700, Rick Stevens wrote:Andrew Kelly wrote:<snip>Unfortunately, it also foils legitimate accesses often enough. This is a very effective set up, but it comes with the caveat that "connection requests" are counted, and not "connection requests from IP address such-and-such".No, it tracks the source IP. Two attempts from the same source IP trigger the lockout.Mea Culpa, Rick, you're absolutely right. I just discovered that my rules weren't even using the recent mod. (Homer Simpson sound)
Heheheheh! I often have "D'oh!" moments myself, usually followed by maniacal laughter from the people in the immediate vicinity!
Thanks, man.
Anytime. BTW, "D'oh!" is now in the Oxford American English dictionary. Go figure! ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer ricks nerd com - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - Linux is like a wigwam...no windows, no gates...and apache inside! - ----------------------------------------------------------------------