[Firehol-support] Use of IPT_RECENT with firehol

Marcus Williams marcus at quintic.co.uk
Tue Aug 30 18:09:48 CEST 2005


Hi -

Has anyone a working set of iptables rules that will work in conjunction 
with firehol to start dropping SSH connections if a host tries to 
connect more than a certain number of times in a minute? Something like:

# Rule 1: remember every NEW connection to port 22 from the source address
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW \
   -m recent --set

# Rule 2: drop a NEW connection if the source already has --hitcount entries
# within the last --seconds; since both commands use -I (insert at the top),
# this rule ends up above rule 1 in the chain
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW \
   -m recent --update --seconds 600 --hitcount 2 -j DROP

I can't seem to get this to work (I'm putting it at the bottom of my 
firehol script, and my firehol script allows ssh connections currently).

Thanks

Marcus

-- 
Marcus Williams -- http://www.cad-schroer.co.uk
CAD Schroer UK, 39 Newnham Road, Cambridge, UK
