Untitled

a guest, Jan 25th, 2013
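# Shell command: create the set of blocked sources; each entry expires after 600 seconds.
ipset -exist create blackhole hash:ip timeout 600

# iptables-restore rules for the filter table. The SSH-ALL and SSH-BLOCKED chains must already exist.
# Drop all traffic from sources currently in the blackhole set.
-A INPUT -m set --match-set blackhole src -j DROP
# Send TCP traffic for port 22 to the SSH-ALL chain.
-A INPUT -p tcp -m tcp --dport 22 -j SSH-ALL
# Record the source address in the "SSH" recent list.
-A SSH-ALL -p tcp -m recent --set --name SSH --rsource
# 8 or more hits from one source within 180 seconds: hand off to SSH-BLOCKED.
-A SSH-ALL -p tcp -m recent --update --seconds 180 --hitcount 8 --name SSH --rsource -j SSH-BLOCKED
# Otherwise log the packet and accept it.
-A SSH-ALL -p tcp -j ULOG --ulog-nlgroup 1 --log-prefix "Accepted-ssh Event: "
-A SSH-ALL -p tcp -j ACCEPT
# Log the offender, add its source address to the blackhole set, and drop the packet.
-A SSH-BLOCKED -p tcp -j ULOG --ulog-nlgroup 1 --log-prefix "Blocked-ssh Event: "
-A SSH-BLOCKED -p tcp -j SET --add-set blackhole src
-A SSH-BLOCKED -p tcp -j DROP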