Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # OLD - IPv4 only but works
- # sshd rate-limiting
- $IPT -A tcp_inbound -p TCP -s 0/0 --destination-port 22 -m state \
- --state NEW -m recent --update --seconds 600 --hitcount 5 -j LOG \
- --log-prefix "sshd rate-limit: "
- $IPT -A tcp_inbound -p TCP -s 0/0 --destination-port 22 -m state \
- --state NEW -m recent --update --seconds 600 --hitcount 5 -j DROP
- $IPT -A tcp_inbound -p TCP -s 0/0 --destination-port 22 -m state \
- --state NEW -m recent --set
- # NEW - dual stack but not working?
- # sshd rate-limiting
- $IPT -A tcp_inbound -p TCP -s 0/0 --destination-port 22 -m state \
- --state NEW -m recent --update --seconds 600 --hitcount 5 -j LOG \
- --log-prefix "sshd rate-limit: "
- $IP6T -A tcp_inbound -p TCP -s ::/0 --destination-port 22 -m state \
- --state NEW -m recent --update --seconds 600 --hitcount 5 -j LOG \
- --log-prefix "sshd rate-limit: "
- $IPT -A tcp_inbound -p TCP -s 0/0 --destination-port 22 -m state \
- --state NEW -m recent --update --seconds 600 --hitcount 5 -j DROP
- $IP6T -A tcp_inbound -p TCP -s ::/0 --destination-port 22 -m state \
- --state NEW -m recent --update --seconds 600 --hitcount 5 -j DROP
- $IPT -A tcp_inbound -p TCP -s 0/0 --destination-port 22 -m state \
- --state NEW -m recent --set
- $IP6T -A tcp_inbound -p TCP -s ::/0 --destination-port 22 -m state \
- --state NEW -m recent --set
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
