# SSH rate limiter: a source that sends too many TCP packets to port 22 is
# logged, put into a temporary ipset ("blackhole") and dropped.
# The first line is an ipset command; the remaining lines are rule
# specifications without a leading `iptables` (iptables-save style).
# NOTE(review): this is a fragment. Chain declarations, the table header and
# any earlier INPUT rules are not shown, so statements about what reaches
# these rules are hedged below.
# NOTE(review): loaded through iptables these rules cover IPv4 only; IPv6
# would need its own set (`family inet6`) and ip6tables rules. Confirm
# whether sshd is reachable over IPv6.

# Create the set "blackhole" (type hash:ip); entries expire after 600 s by
# default. `-exist` keeps the command from failing if the set already exists.
- ipset -exist create blackhole hash:ip timeout 600
# Drop every packet whose source address is in the set. There is no
# protocol or port match, so a blackholed source loses access to all
# services that go through INPUT, not just SSH.
# NOTE(review): consider an ACCEPT for trusted management addresses ahead of
# this rule. Blocking is keyed on source address alone, so an administrator's
# own address can end up here (scripted logins, forged source addresses).
- -A INPUT -m set --match-set blackhole src -j DROP
# Send TCP traffic for port 22 to the SSH-ALL chain.
# NOTE(review): there is no `--syn` or `-m conntrack --ctstate NEW` match, so
# every packet to port 22 that reaches this rule is counted, not only new
# connections. Unless an ESTABLISHED,RELATED accept rule sits earlier in
# INPUT (not visible here), a normal interactive session would exceed the
# threshold below. Restricting this rule to new connections is the usual
# fix; verify against the full ruleset.
- -A INPUT -p tcp -m tcp --dport 22 -j SSH-ALL
# Record the packet's source address in the `recent` list named "SSH".
- -A SSH-ALL -p tcp -m recent --set --name SSH --rsource
# If this source has been seen 8 or more times within the last 180 s, jump
# to SSH-BLOCKED. `--update` also refreshes the entry's last-seen time. The
# packet just recorded by the rule above is included in the count.
- -A SSH-ALL -p tcp -m recent --update --seconds 180 --hitcount 8 --name SSH --rsource -j SSH-BLOCKED
# Below the threshold: log to netlink group 1 with an "Accepted-ssh" prefix.
# This records that the firewall accepted a packet, not that a login succeeded.
# NOTE(review): ULOG is deprecated in favour of NFLOG (`--nflog-group`,
# `--nflog-prefix`) and is missing from newer kernels; confirm the target
# kernel still provides it, otherwise loading the ruleset will fail.
- -A SSH-ALL -p tcp -j ULOG --ulog-nlgroup 1 --log-prefix "Accepted-ssh Event: "
# ...then accept the packet.
- -A SSH-ALL -p tcp -j ACCEPT
# Over the threshold: log with a "Blocked-ssh" prefix (same ULOG caveat as above).
- -A SSH-BLOCKED -p tcp -j ULOG --ulog-nlgroup 1 --log-prefix "Blocked-ssh Event: "
# Add the source address to "blackhole". No --timeout is given on the rule,
# so the entry takes the set's default of 600 s. While the entry exists the
# first INPUT rule drops the source before it can reach this chain again, so
# the block is not extended by further packets.
- -A SSH-BLOCKED -p tcp -j SET --add-set blackhole src
# Drop the packet that crossed the threshold.
- -A SSH-BLOCKED -p tcp -j DROP