Re: Contrib Request, SSH FirewallD

On Sun, Oct 29, 2017 at 8:06 PM, Casey Doyle <cdoyle@xxxxxxxxxxxxxxxxxxxxx> wrote:
Hello,

I would like permission to contribute information to the wiki...

Username: CaseyDoyle

To append an additional method for ssh blocking with firewallD:

Page: 

Suggest to add the following info to its pertinent section:

------
6. Filter SSH at the Firewall

Complementary to the iptables method, there is firewall-cmd for newer systems using FirewallD:

firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT_direct 0 -p tcp --dport 22 -m state --state NEW -m recent --set
firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT_direct 1 -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 4 -j REJECT --reject-with tcp-reset
firewall-cmd --reload
------

Please advise.
Kind Regards,
--
Casey Doyle

You can edit the page now. Thanks for your contribution.

Akemi
 
_______________________________________________
CentOS-docs mailing list
CentOS-docs@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos-docs
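
Added example, not part of the original thread or the wiki: a simplified Python model of how the two direct rules in the message above treat repeated NEW connections to port 22, following the documented behaviour of the iptables `recent` match (`--set` records the source; `--update --seconds 30 --hitcount 4` counts its entries in the last 30 seconds and stamps the entry again when it matches). The function name, the attempt times and the address 192.0.2.10 are constructed for illustration, and the kernel's fixed-size timestamp buffer is not modelled.

```python
from collections import defaultdict

SECONDS, HITCOUNT = 30, 4  # --seconds 30 --hitcount 4 from the second rule


def simulate(attempts):
    """attempts: (time_in_seconds, source_ip) pairs for NEW tcp/22 connections,
    in time order. Returns one verdict per attempt: "pass" or "reject"."""
    stamps = defaultdict(list)  # per-source timestamps, like the 'recent' list
    verdicts = []
    for t, src in attempts:
        seen = stamps[src]
        # Priority 0 rule: --set records the attempt. It has no target,
        # so the packet continues to the next rule.
        seen.append(t)
        # Priority 1 rule: only timestamps from the last SECONDS count.
        seen[:] = [s for s in seen if s >= t - SECONDS]
        if len(seen) >= HITCOUNT:
            # --update matched: the entry is stamped again, then the
            # REJECT --reject-with tcp-reset target fires.
            seen.append(t)
            verdicts.append("reject")
        else:
            # No match: the packet falls through to the remaining rules.
            verdicts.append("pass")
    return verdicts


if __name__ == "__main__":
    src = "192.0.2.10"  # constructed sample address (documentation range)
    cases = {
        "burst, then a pause": (0, 5, 10, 15, 20, 60),
        "retry every 9 s": tuple(range(0, 72, 9)),
        "retry every 12 s": tuple(range(0, 96, 12)),
    }
    for label, times in cases.items():
        print(label, simulate([(t, src) for t in times]))
```

In this model a client that keeps retrying every 9 seconds stays rejected, because each rejected attempt is stamped twice (once by `--set`, once by `--update`), while a client connecting every 12 seconds never reaches four entries inside the 30-second window.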
