Differences

This shows you the differences between two versions of the page.

--- iptables [2009/07/02 18:46]
k2patel created
+++ iptables [2020/08/10 02:35]
@@ Line 1: / Line 1: @@
-====== IPTABLES ======
-Statefull and Powerfull Firewall.\\
-==== Enable for SSH Bruteforce Prevention ====
-This is not a 100% proof setup as it does not block based on the result of authentication.\\
-It just work based on connection.\\
-=== Simple Rules ===
-<code bash>
-iptables -N BRTBLK
-iptables -A INPUT -p tcp --dport 22 -m state –state NEW -j BRTBLK
-iptables -A BRTBLK -m recent –set –name SSH
-iptables -A BRTBLK -m recent –update –seconds 45 –hitcount 5 –name SSH -j DROP
-</code>
-=== Rules With Exceptions ===
-Replace <Exception> with your IP.\\
-You can use multiple rules with diff. IP to allow exceptions.
-<code bash>
-iptables -N BRTBLK
-iptables -A INPUT -p tcp –dport 22 -s <Exception> -j ACCEPT
-iptables -A INPUT -p tcp --dport 22 -m state –state NEW -j BRTBLK
-iptables -A BRTBLK -m recent –set –name SSH
-iptables -A BRTBLK -m recent –update –seconds 45 –hitcount 5 –name SSH -j DROP
-</code>
-=== Rules to Log Bloked IP ===
-<code bash>
-iptables -N BRTBLK
-iptables -A INPUT -p tcp --dport 22 -m state –state NEW -j BRTBLK
-iptables -A BRTBLK -m recent –set –name SSH
-iptables -A BRTBLK -m recent –update –seconds 45 –hitcount 5 –name SSH -j LOG --log-level info --log-prefix "Bad IP : "
-iptables -A BRTBLK -m recent –update –seconds 45 –hitcount 5 –name SSH -j DROP
-</code>

Daily *Nix