I’m trying to create a dynamic address list of all failed attempts to port 80. The rule seems to work but it creates a new address list every time it creates an entry. I know I’ve managed to create a dynamic list of multiple addresses before but I can’t seem to remember how. My rule is here
add action=add-src-to-address-list address-list=blocked address-list-timeout=none-dynamic chain=input dst-port=80 in-interface=ether1 protocol=tcp
Everything seems fine in your config line.
What do you mean by “creates a new address list every time it creates an entry” - each entry have different name?
Thanks xvo. Turns out I was expecting to see the wrong thing. I’ve always use address list with subnets and I was expecting all traffic that qualified for this rule to be group in a unique address list. So when I saw many instances of the name “blocked” I got confused, but it’s normal since each entry is a unique address.