Mailinglist Archive: opensuse (1620 mails)

< Previous Next >
Re: [opensuse] Susefirewall limit connections
On 11/16/2014 10:25 AM, Otto Rodusek wrote:
I've heard of fail2ban and was hoping not to have to use it and "simply"
make use of iptables.

For ssh attack blocking, I'm using something along these lines:

$ # limit to 2 ssh-syns/min:
$ iptables -A INPUT -p tcp --dport 22 --syn -m limit --limit 1/m
--limit-burst 2 -j ACCEPT

$ # drop all ssh-syns over the limit:
$ iptables -A INPUT -p tcp --dport 22 --syn -j DROP

Have fun,
Berny
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >