Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- add action=drop chain=input comment="drop ssh brute forcers" dst-port=22 protocol=tcp src-address-list=ssh_blacklist
- add action=add-src-to-address-list address-list=ssh_blacklist address-list-timeout=none-dynamic chain=input comment=ssh_blacklist connection-state="" dst-port=22 protocol=tcp src-address-list=ssh_stage3
- add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m chain=input comment=ssh_stage3 connection-state="" dst-port=22 protocol=tcp src-address-list=ssh_stage2
- add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m chain=input comment=ssh_stage2 connection-state="" dst-port=22 protocol=tcp src-address-list=ssh_stage1
- add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m chain=input comment=ssh_stage1 connection-state="" dst-port=22 protocol=tcp
- add action=accept chain=input comment=ssh dst-port=22 protocol=tcp
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement