On Wednesday, 2009-04-15 at 23:07 -0400, Patrick Shanahan wrote:
> * Carlos E. R. <> [04-15-09 22:46]:
>> Or, have a look inside the firewall configuration file, where you will find the current version of the recipe in easy mode. I posted it several times during these years, tonight I'm just too lazy to dig it out again
>
> I believe that this is it:
>
>   iptables -A INPUT -p tcp --dport 22 --syn -m recent --name sshattack --update --seconds 240 --hitcount 2 -j REJECT
>
> (that should be *one* line)

And now being the morning, I'm a bit less lazy :-)

In the /etc/sysconfig/SuSEfirewall2 script, this:

# Example:
# Allow max three ssh connects per minute from the same IP address:
#      "0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh"
#
# The special value _rpc_ is recognized as protocol and means that dport is
# interpreted as rpc service name. See FW_SERVICES_EXT_RPC for
# details.
#
#FW_SERVICES_ACCEPT_EXT=""
#FW_SERVICES_ACCEPT_EXT="0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh"
FW_SERVICES_ACCEPT_EXT="0.0.0.0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh"
#
# Ludwig Nussel: you may want to use 0.0.0.0/0 instead of 0/0 to avoid the ipv6
# error message.
#
# Do not open ssh on another rule, or it takes precedence and
# FW_SERVICES_ACCEPT_EXT does not work.

-- 
Cheers,
       Carlos E. R.
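
How the FW_SERVICES_ACCEPT_EXT entry relates to the raw iptables "recent" rule quoted above, as an added example that is not part of the original message and is not SuSEfirewall2's own code. The function name accept_ext_to_iptables is hypothetical; the INPUT chain, --syn and REJECT follow the quoted rule, while the companion --set/ACCEPT rule and the rule order are assumptions.

```shell
#!/bin/sh
# Added example, not SuSEfirewall2's code: print (never apply) iptables rules
# that express one FW_SERVICES_ACCEPT_EXT entry. Chain INPUT, --syn and the
# REJECT target follow the rule quoted in the thread; the --set/ACCEPT
# companion rule and the rule order are assumptions.
accept_ext_to_iptables() {
    set -f; old_ifs=$IFS; IFS=,      # split on commas, no globbing
    set -- $1                        # net,protocol,dport,sport,flags...
    IFS=$old_ifs; set +f
    [ $# -ge 3 ] || { echo "error: need net,protocol,dport" >&2; return 1; }
    net=$1 proto=$2 dport=$3
    shift 3
    [ $# -gt 0 ] && shift            # sport is not used here
    [ "$proto" = tcp ] || { echo "error: only tcp is translated" >&2; return 1; }
    # The config comments recommend 0.0.0.0/0 over 0/0 (IPv6 error message).
    [ "$net" = 0/0 ] && net=0.0.0.0/0
    hitcount= blockseconds= recentname=
    for flag in "$@"; do
        case $flag in
            hitcount=*)     hitcount=${flag#*=} ;;
            blockseconds=*) blockseconds=${flag#*=} ;;
            recentname=*)   recentname=${flag#*=} ;;
        esac
    done
    match="-s $net -p $proto --dport $dport --syn"
    if [ -z "$hitcount$blockseconds" ]; then   # no limit requested
        echo "iptables -A INPUT $match -j ACCEPT"
        return 0
    fi
    for n in "$hitcount" "$blockseconds"; do
        case $n in
            ''|0|*[!0-9]*)
                echo "error: hitcount and blockseconds must both be positive integers" >&2
                return 1 ;;
        esac
    done
    recent="-m recent --name ${recentname:-DEFAULT}"   # DEFAULT is the module's default list
    # 1) Source already has >= hitcount new connections in the window: reject
    #    (--update also refreshes the entry, so retrying keeps the block alive).
    echo "iptables -A INPUT $match $recent --update --seconds $blockseconds --hitcount $hitcount -j REJECT"
    # 2) Otherwise record this attempt and let it through.
    echo "iptables -A INPUT $match $recent --set -j ACCEPT"
}

# The entry from the thread:
accept_ext_to_iptables "0.0.0.0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh"
```

With the --set rule placed after the --update rule, hitcount=3 lets three new connections through per window and rejects the fourth.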