Re: iptables rules to limit attack




chloe K wrote:
> Thank you
>  
> Can I know how to define the "SSH_CHECK"
> and white list?
>  
> I only know to use iptables -A
>  
> Thank you
> 

Hello,
When you're entering the rules from the CLI, the first time you 
reference a chain, you need to use -N (for "new") instead of -A (for 
"append").

So, using my example....

#iptables -N SSH_CHECK
#iptables -A SSH_CHECK -s *WHITELIST ADDRESSES* -j ACCEPT
#iptables -A SSH_CHECK -m recent --set --name SSH --rsource

and so on.

I use the first line of the SSH_CHECK chain to keep from accidentally 
locking myself out of my server.

If, for instance, I have control and trust over a particular IP address 
or subnet, I can use the first line to exclude them from being 
rate-limited...

#iptables -N SSH_CHECK
#iptables -A SSH_CHECK -s 127.219.24.149 -j ACCEPT
or
#iptables -A SSH_CHECK -s 127.247.67.0/24 -j ACCEPT
(ip addresses changed to protect the innocent)

I think that'll do you,
Andy
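The complete SSH_CHECK chain the thread sketches, written out as an added example (this is not Andy's script or anything from the list archive). It assumes the parts the reply leaves as "and so on": a `-m recent --update` rule that drops a source after too many new connections in a window, an explicit RETURN, and an INPUT hook that sends only new SSH connections into the chain. The whitelist addresses and the 4-per-60-seconds limit are constructed sample values. `-N` only creates the chain and takes no match options; every rule, the whitelist ACCEPT included, goes in with `-A`.

```shell
#!/bin/sh
# Added example: build an SSH_CHECK chain with a whitelist followed by an
# -m recent rate limit. Set IPTABLES=print_rule to print the commands
# instead of applying them; applying for real needs root.
IPTABLES=${IPTABLES:-iptables}

# Constructed sample whitelist (documentation ranges); replace with your own.
SSH_WHITELIST="192.0.2.10 198.51.100.0/24"
# Assumed limit: more than 4 new connections from one source in 60 s gets dropped.
SSH_SECONDS=${SSH_SECONDS:-60}
SSH_HITCOUNT=${SSH_HITCOUNT:-4}

# Dry-run stand-in for iptables: prints the arguments it would have been given.
print_rule() {
    printf '%s\n' "$*"
}

ssh_check_rules() {
    # -N creates the (empty) chain; it accepts no -s/-j, so nothing else goes here.
    "$IPTABLES" -N SSH_CHECK

    # Trusted sources are accepted before any counting happens, so they can
    # never be locked out by the rate limit below.
    for src in $SSH_WHITELIST; do
        "$IPTABLES" -A SSH_CHECK -s "$src" -j ACCEPT
    done

    # Record the source address in the "SSH" list (--rsource is the default).
    "$IPTABLES" -A SSH_CHECK -m recent --set --name SSH --rsource
    # Drop when the same source has appeared SSH_HITCOUNT times within SSH_SECONDS.
    "$IPTABLES" -A SSH_CHECK -m recent --update --seconds "$SSH_SECONDS" \
        --hitcount "$SSH_HITCOUNT" --name SSH --rsource -j DROP
    # Anything not dropped goes back to INPUT for the normal SSH accept rule.
    "$IPTABLES" -A SSH_CHECK -j RETURN

    # Only new SSH connections are routed through the chain; established
    # sessions are not counted against the limit.
    "$IPTABLES" -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j SSH_CHECK
}

# Apply only when explicitly asked, e.g.:
#   SSH_CHECK_APPLY=1 sh ssh_check.sh          (as root, applies the rules)
#   IPTABLES=print_rule sh ssh_check.sh        (prints them; nothing is changed)
if [ "${SSH_CHECK_APPLY:-0}" = 1 ] || [ "$IPTABLES" = print_rule ]; then
    ssh_check_rules
fi
```

Run it once with `IPTABLES=print_rule` first and read the output: the `-N` line should carry nothing but the chain name, and the whitelist ACCEPT rules must precede the two `-m recent` rules, otherwise the trusted addresses are counted like everyone else.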
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
