iptables

Differences

This shows you the differences between two versions of the page.

iptables [2010/02/04 22:02]
k2patel
iptables [2020/08/10 02:35] (current)
Line 66: Line 66:
  
  
 +==== xt_recent ====
  
 +In latest version ipt_recent replaced by xt_recent.\\
 +there is few change which could break your iptables rules.\\
 +In order to make ssh bruteforce protection working please use following rules.\\
 +this also effect Fedora 15 and latest iptables / kernel
  
 +<code bash>
 +:SSH - [0:0]
 +:BRTBLK - [0:0]
  
 +
 +-A INPUT -p tcp -m multiport --dports 21,22 -m recent --update --seconds 8600 --name SSH_BAN --rsource -j DROP 
 +-A INPUT -p tcp -m multiport --dports 21,22 -m state --state NEW -j BRTBLK ​
 +
 +-A SSH -m limit --limit 5/min -j LOG --log-prefix "BAD IP: " --log-level 4 
 +-A SSH -m recent --set --name SSH_BAN --rsource -j DROP 
 +
 +-A BRTBLK -m recent --set --name BRT --rsource ​
 +-A BRTBLK -m recent --update --seconds 600 --hitcount 16 --name BRT --rsource -j SSH 
 +-A BRTBLK -m recent --update --seconds 60 --hitcount 4 --name BRT --rsource -j SSH 
 +-A BRTBLK -j ACCEPT ​
 +</​code>​
 +
 +Now try to login to box 4 times quickly to test.\\
 +For more advanced Options please visit [[http://​www.thatsgeeky.com/​2011/​02/​escalating-consequences-with-iptables/​ | Th4tsG33ky]]
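Review bot: The first INPUT rule combines `-m recent --update --seconds 8600 --name SSH_BAN` with `-j DROP`, so every dropped packet from a banned source refreshes that source's timestamp and the ban only expires after 8600 s of complete silence from that host; if a fixed ban window is intended, `--rcheck` leaves the timestamp untouched, and the value itself deserves a second look (8600 s is about 2.4 hours, while a one-hour or one-day window would be 3600 or 86400). The same rule and the `-m state --state NEW -j BRTBLK` rule below it match `--dports 21,22`, so FTP control connections are counted and banned under the same thresholds as SSH even though the text describes SSH protection only. Nothing in the BRTBLK chain exempts trusted management addresses, so four new connections within 60 s from an administrator's own host trigger the ban; an `-A INPUT -s <trusted addr> -p tcp -m multiport --dports 21,22 -j ACCEPT` placed before the DROP rule avoids a self-lockout. Finally, the text states only that ipt_recent was replaced by xt_recent; the `-m recent` rule syntax is unchanged, and the operator-visible difference is that the tracked lists moved from /proc/net/ipt_recent/ to /proc/net/xt_recent/, which is worth stating so readers know where to inspect or clear the SSH_BAN and BRT lists when testing.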
iptables.1265320939.txt.gz · Last modified: 2020/08/10 02:30 (external edit)