Hi all. Im trying to use the limit module for ssh conections. After this
rule, i cant do ssh not even once.
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m limit -limit
5/min -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j DROP
(Not other rulez in any chain.)
iptables -L -v
Chain INPUT (policy ACCEPT 22 packets, 2784 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- any any anywhere anywhere
tcp dpt:22 state NEW limit: avg 5/min burst 5
0 0 DROP tcp -- any any anywhere
anywhere tcp dpt:22
(after triyng a `ssh localhost' with no luck)
Chain INPUT (policy ACCEPT 1041 packets, 120K bytes)
pkts bytes target prot opt in out source destination
1 60 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:22 state NEW limit: avg 5/min burst 5
7 400 DROP tcp -- any any anywhere anywhere tcp dpt:22
I can see the package is being dropped. Crap.
Any hints?
iptables v1.3.8
uname -r
2.6.22.5-31-default
Thanks!
Gerardo
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
