> On Wed, Oct 25, 2006 at 04:47:08PM -0500, Chad Walstrom wrote:
> > 
> > You could also create a rule that counts request for DNS entries on
> > the eth1 interface.
> > 
> > iptables -I INPUT -i eth1 -j LOG -p tcp --dport 53 -m limit --limit 10/sec
> > iptables -I INPUT -i eth1 -j ACCEPT -p udp --dport 53
> > iptables -I INPUT -i eth1 -j LOG -p udp --dport 53 -m limit --limit 10/sec
> > iptables -I INPUT -i eth1 -j ACCEPT -p tcp --dport 53
> 
> [Aren't the ACCEPTS reversed above? tcp when it should be udp, and
> vice-versa.]

Transcription error.  It wasn't meant as a recipe, rather as an idea
generator.  Have fun.
-- 
Chad Walstrom <chewie at wookimus.net>           http://www.wookimus.net/
           assert(expired(knowledge)); /* core dump */
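An added example, not part of the thread, that models where the four `-I` commands above end up in the INPUT chain: `-I` prepends, so the last command typed is evaluated first, and a LOG rule only ever fires if it sits ahead of the ACCEPT that matches the same packet. The rule list is constructed from the quoted message as written; iptables itself is not invoked.

```shell
#!/bin/sh
# Constructed rule list in the order the quoted commands would be typed:
# "<flag> <proto> <dport> <target>", flag I = -I (insert at head of chain),
# A = -A (append). Protocol mix is the message's as written, not corrected.
RULES='I tcp 53 LOG
I udp 53 ACCEPT
I udp 53 LOG
I tcp 53 ACCEPT'
nl='
'

# Print the rules in the order the kernel evaluates them: every -I goes in
# front of everything already in the chain, every -A goes to the end.
effective_chain() {
    front=''; back=''
    while read -r flag proto port target; do
        [ -z "$flag" ] && continue
        case $flag in
            I) front="$proto $port $target$nl$front" ;;
            A) back="$back$proto $port $target$nl" ;;
        esac
    done <<EOF
$RULES
EOF
    printf '%s%s' "$front" "$back"
}

# Walk the effective chain for one packet (proto, dport) and report whether a
# LOG rule is reached before the packet hits a terminating ACCEPT. Prints
# "yes" or "no"; a packet matching no rule at all also reports "no".
logged_before_accept() {
    pkt_proto=$1; pkt_port=$2; seen_log=no; verdict=no
    chain=$(effective_chain)
    while read -r proto port target; do
        [ "$proto" = "$pkt_proto" ] && [ "$port" = "$pkt_port" ] || continue
        case $target in
            LOG)    seen_log=yes ;;                # LOG is non-terminating: keep walking
            ACCEPT) verdict=$seen_log; break ;;    # ACCEPT ends evaluation
        esac
    done <<EOF
$chain
EOF
    echo "$verdict"
}

echo "Effective chain order (first line evaluated first):"
effective_chain
echo "udp/53 logged before accept: $(logged_before_accept udp 53)"
echo "tcp/53 logged before accept: $(logged_before_accept tcp 53)"
```

With the commands as quoted, UDP queries are logged (rate-limited) and then accepted, but TCP queries hit the ACCEPT first and never reach the LOG rule; listing the ACCEPT before its LOG when using `-I`, or switching to `-A` with LOG first, gives the intended order.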