On Thu, 29 Jun 2017 21:20:39 -0500 Doug <dmcgarrett@xxxxxxxxxxxxx> wrote: > On 06/29/2017 09:08 PM, JD wrote: > > > > > > On 06/29/2017 07:48 PM, Doug wrote: > >> > >> On 06/29/2017 08:32 PM, JD wrote: > >>> > >>> > >>> On 06/29/2017 07:10 PM, jdow wrote: > >>>> iptables -t filter -A IN_public_deny -p tcp --dport pop3s --syn > >>>> -m recent --name pop3s_attack --rcheck --seconds 90 --hitcount 2 > >>>> -j LOG --log-prefix 'SSH2 REJECT: ' --log-level info > >>> My iptables replied: > >>> iptables: No chain/target/match by that name. > >>> > >>> How is it created? > >> > >> How is WHAT created? I'm snowed! > >> --doug > > The CHAIN Doug. > > iptables says there is no such chain to add a new rule to. > > > > In this case, the chain name is IN_public > > > > I tried all capitals for the chain name, to no avail. > I give up. This is all Greek to me. I just want to get a little > security from malware. I haven't messed with iptables rules since firewalld became the default firewall for Fedora. But you could try using the default INPUT instead of IN_public_deny, target the ssh port 22. i.e. iptables -t filter -A INPUT -p tcp --dport 22 --syn -m recent --rcheck --seconds 90 --hitcount 2 -j LOG --log-prefix 'SSH2 REJECT: ' --log-level info Fedora defaults to using firewalld, and iptables daemon is usually disabled by systemd. I think firewalld uses iptables under the covers, but I'm not sure if adding rules with iptables will apply them for firewalld. _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
