On 3/17/21 8:09 PM, Carlos E. R. wrote:
On 17/03/2021 19.42, Gustav Degreef wrote:
I read with great interest the entire recent threadÂ "Possible
and tried to make sure that I set my firewall (firewalld) to block all
ssh connections from outside my home LAN.Â My ISP provides access via
cable modem and I set up my own router.
There are 3-4 laptops running opensuse 15.x (and 2 android phones) on my
home network (adresses configured with DHCP) and I log in periodically
via ssh (as user, not root) to the other computers to fix various
Via the yast2 firewall configuration I set only the "public",
and "home" zones to have ssh as an allowed service.Â The "external"
other zones do not have ssh allowed.
Why that many zones? You need only one per network interface.
OK, which one? Selecting home or internal but not public does not allow
me access to that computer.
But if I only select public, doesn't it allow connections from outside
the home network?
- Do you need access via ssh from Internet?
No, I want to prevent ssh logins from
- your router, what does it run? Is it a computer acting as router
and running openSUSE, or is it a normal, purchased router, or provided
by your ISP?
I bought the router myself, configured it myself. TP link
(TL-WR840N), don't know what it runs.