NetFilter IPTables Project Auto-Expiring Rules could be very interesting, for example to ban IPs for a certain amount of time and then have them automatically un-banned (by removing the filtering rule).
IPTables does not provide an integrated solution for that, but a simple combination with the ‘at’ command can do the magic.
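The combination described above, as an added example that is not code from the original post: the ban is inserted with `iptables -I` and the matching `iptables -D` is queued with `at`. The `INPUT` chain, the `DROP` target and all function names are assumptions.

```shell
#!/bin/sh
# Added example: time-limited iptables ban, with removal queued through at(1).
# CHAIN, the DROP target and all function names are assumptions.
CHAIN=INPUT

# Accept only a dotted-quad IPv4 address, so nothing else reaches the at job.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# One rule specification for both insert and delete, so they always match.
rule_spec() { printf '%s -s %s -j DROP' "$CHAIN" "$1"; }

# Print the commands temp_ban would run; returns 2 on invalid input.
ban_plan() {
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 2; }
    case $2 in
        ''|*[!0-9]*|0*) echo "minutes must be a positive integer" >&2; return 2 ;;
    esac
    spec=$(rule_spec "$1")
    printf 'iptables -I %s\n' "$spec"
    printf "echo 'iptables -D %s' | at now + %s minutes\n" "$spec" "$2"
}

# Apply the ban for real: needs root, iptables and a running atd.
temp_ban() {
    ban_plan "$1" "$2" >/dev/null || return 2
    spec=$(rule_spec "$1")
    # -C checks for an identical rule; if present, its removal is assumed queued.
    if iptables -C $spec 2>/dev/null; then return 0; fi
    iptables -I $spec || return 1
    echo "iptables -D $spec" | at now + "$2" minutes
}

# Constructed sample (documentation address): print the plan, change nothing.
ban_plan 203.0.113.45 30
```

Queued `at` jobs survive a reboot while unsaved iptables rules do not, so after a restart the delete job simply fails on a rule that no longer exists. Pending removals can be listed with `atq`.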
While configuring Multiple Networks VPNs (Multiple policy and destination SubNets reached via the same remote IPSec VPN Peer) between Mikrotik and other Firewalls, traffic would randomly stop for certain destinations.
Packet forwarding and encryption only work for one destination (the first matched IPSec Policy); any other destination (and again only the first one matched) becomes reachable by performing an ‘SA Flush’.
A glue record is the IP address of a NameServer held at the Domain Name registry.
Glue records are required when the name servers of a domain name need to point to a host name under the domain name itself.
NFSen (NetFlow SENsor) is a Web-Based Front-End for the nfdump netflow tools.
NfSen is very useful and allows network administrators to:
Display netflow data: Flows, Packets and Bytes using RRD (Round Robin Database).
Easily navigate through the netflow data.
Process the netflow data within the specified time span.
Create history as well as continuous profiles.
Set alerts, based on various conditions.
Customize and Create plugins to process netflow data on a regular interval.
The installation on Linux can be tricky; here I’ll show my way (using, where possible, distribution-supported apt packages) on Ubuntu Server 12.04 LTS.
NetFlow is a tool used to export flows of traffic that transit through an interface on a router.
NetFlow versions 5, 8 and 9 support IPv4; only version 9 supports IPv6. The default transport used is UDP.
Flows should be analyzed locally in the router or sent to a NetFlow Server periodically to permit a deeper and more convenient analysis.