linux:netzwerk:firewall

Differences

This shows you the differences between two versions of the page.

linux:netzwerk:firewall [2023/04/20 17:54] ms linux:netzwerk:firewall [2023/11/05 21:54] (current) ms
Line 58: Line 58:
 table inet filter { table inet filter {
 ... ...
 +</code>
 +
 +===== Brute Force auf ssh erschweren =====
 +
 +<code>
 +add rule ip filter INPUT tcp dport 22 ct state new counter jump SSHBFORCE
 +
 +add chain ip filter SSHBFORCE
 +
 +add set ip filter denylist { type ipv4_addr; flags dynamic, timeout; timeout 5m }
 +add rule ip filter SSHBFORCE ip protocol tcp ct state new, untracked limit rate over 3/minute add @denylist { ip saddr }
 +add rule ip filter SSHBFORCE ip saddr @denylist drop
 </code> </code>
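Review bot: In the SSHBFORCE rule that fills the set, `limit rate over 3/minute` stands on its own in front of `add @denylist { ip saddr }`, so it is one rate limit shared by all sources rather than one per address: once new connections to port 22 exceed 3 per minute in total, the source of the next packet over the limit is denylisted for 5 minutes, which can lock out a legitimate client while a scanner is active. Keying the limit on the source address (for example a separate dynamic set updated with `{ ip saddr limit rate over 3/minute }`, followed by the add to @denylist) would make it per client. Two smaller points: the `jump SSHBFORCE` rule is listed before `add chain ip filter SSHBFORCE`, so the chain should be created first if the lines are loaded in this order; and the rules go into `ip filter INPUT` while the context above shows `table inet filter`, so the section should say which table is meant, since the `ip` family leaves SSH over IPv6 unthrottled.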
  
linux/netzwerk/firewall.1682006053.txt.gz · Last modified: 2023/04/20 17:54 by ms

Except where otherwise noted, content on this wiki is licensed under the following license: Public Domain