Atomicorp

Can I edit running.fw? I'm guessing its not a good idea so if not, how to apply manual edits to firewall? I read the firewall help but dont find answer. I know there's the gui, but it doesnt appear to cover all conditions, at least I dont see how in some cases eg: libvirt is inserting rules which I ...

libvirt/kvm default network wont start, as per this error from libvirt.log: 2014-12-02 23:07:06.435+0000: 19069: error : virCommandWait:2319 : internal error Child process (/sbin/iptables --table mangle --insert POSTROUTING --out-interface virbr0 --protocol udp --destination-port 68 --jump CHECKSUM ...

thanks for reply Keep in mind that asl-lite is not a supported product, its a free tool we provide well altho it was my intention to pay, the 'free' part is correct so far. But the 'tool' part implies some useful functionality, rather than a waste of my time. Anyway leaving the semantics aside... I ...

Usually thats caused by the terminal you're using to log into the system not supporting the full character set or setting the wrong type so I just installed a 30day trial asl-lite and if get this issue and I'm on fedora 17/kde using konsole to login to a fresh install of centos 6.3 - how would I fi...

Faris - I dont think it was you that caused the confusion at all - in fact you said turn xbl off which was helpful. whats confusing is that the delayed_rules are presented in a state that is arguably highly likely to cause confusion. they arent 30 day delayed - I spent ages clicking around the sites...

We don't enable this by default in ASL for this reason. maybe not. But you do enable it by default in the delayed rules. Perhaps it simply didnt occur to anyone to turn it off? Altho in fact the delayed rules are billed as 30 day delay of the ASL modsecurity rules but clearly by what you say they a...

thats from a fresh download of the delayed rules so (if I understand the rule correctly) it looks like its turned on out of the can... from 00_asl_rbl.conf #Global RBL rules SecRule REMOTE_ADDR "!@pmFromFile /etc/asl/whitelist" \ "chain,deny, log, id:350000,rev:2,msg:'Global RBL Match...

Hi I've seen some other posts about issues with spamhaus, but not this aspect. I've been using the delayed rules for a while and had some concerns about the number of blocks from xbl.spamhaus.org In fact I dont think its at all correct to use the XBL for a web server blocklist. I quote from the page...