iptables
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| iptables [2011/09/22 00:18] – k2patel | iptables [2020/08/10 02:35] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 70: | Line 70: | ||
| In latest version ipt_recent replaced by xt_recent.\\ | In latest version ipt_recent replaced by xt_recent.\\ | ||
| there is few change which could break your iptables rules.\\ | there is few change which could break your iptables rules.\\ | ||
| - | In order to make ssh bruteforce protection working please use following rules. | + | In order to make ssh bruteforce protection working please use following rules.\\ |
| + | this also effect Fedora 15 and latest iptables / kernel | ||
| + | <code bash> | ||
| + | :SSH - [0:0] | ||
| + | :BRTBLK - [0:0] | ||
| + | |||
| + | -A INPUT -p tcp -m multiport --dports 21,22 -m recent --update --seconds 8600 --name SSH_BAN --rsource -j DROP | ||
| + | -A INPUT -p tcp -m multiport --dports 21,22 -m state --state NEW -j BRTBLK | ||
| + | |||
| + | -A SSH -m limit --limit 5/min -j LOG --log-prefix "BAD IP: " --log-level 4 | ||
| + | -A SSH -m recent --set --name SSH_BAN --rsource -j DROP | ||
| + | |||
| + | -A BRTBLK -m recent --set --name BRT --rsource | ||
| + | -A BRTBLK -m recent --update --seconds 600 --hitcount 16 --name BRT --rsource -j SSH | ||
| + | -A BRTBLK -m recent --update --seconds 60 --hitcount 4 --name BRT --rsource -j SSH | ||
| + | -A BRTBLK -j ACCEPT | ||
| + | </ | ||
| + | |||
| + | Now try to login to box 4 times quickly to test.\\ | ||
| + | For more advanced Options please visit [[http:// | ||
iptables.1316650700.txt.gz · Last modified: 2020/08/10 02:30 (external edit)