iptables
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | Next revision Both sides next revision | ||
|
iptables [2011/09/22 00:18] k2patel |
iptables [2011/09/22 02:05] k2patel [xt_recent] |
||
|---|---|---|---|
| Line 72: | Line 72: | ||
| In order to make ssh bruteforce protection working please use following rules. | In order to make ssh bruteforce protection working please use following rules. | ||
| + | <code bash> | ||
| + | :SSH - [0:0] | ||
| + | :BRTBLK - [0:0] | ||
| + | |||
| + | -A INPUT -p tcp -m multiport --dports 21,22 -m recent --update --seconds 3600 --name SSH_BAN --rsource -j DROP | ||
| + | -A INPUT -p tcp -m multiport --dports 21,22 -m state --state NEW -j BRTBLK | ||
| + | |||
| + | -A SSH -m limit --limit 5/min -j LOG --log-prefix "BAD IP: " --log-level 4 | ||
| + | -A SSH -m recent --set --name SSH_BAN --rsource -j DROP | ||
| + | |||
| + | -A BRTBLK -m recent --set --name BRT --rsource | ||
| + | -A BRTBLK -m recent --update --seconds 600 --hitcount 16 --name BRT --rsource -j SSH | ||
| + | -A BRTBLK -m recent --update --seconds 60 --hitcount 4 --name BRT --rsource -j SSH | ||
| + | -A BRTBLK -j ACCEPT | ||
| + | </code> | ||
| + | |||
| + | Now try to login to box 4 times quickly to test. | ||
iptables.txt ยท Last modified: 2020/08/10 02:35 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
