On Tue, Jun 16, 2020 at 12:26 PM david david@daku.org wrote:
Examples of what I've tried, and then tested. None of them stopped an outgoing SSH from an internal system.
iptables -I INPUT -p tcp --dport 22 -s 10.0.0.0/24 -j DROP
iptables -I INPUT -p tcp --dport 22 -s 10.0.0.0/24 -j DROP
Which interface is that bound to? I don't see a -i eth0 or whatever, but you want that rule on your LAN interface.
Note these rules will also prevent any host on 10.0.0.0/24 from ssh'ing to the gateway machine itself.
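
The behaviour discussed in this thread, as an added example that is not part of the original messages: a simplified model of which filter chain a packet traverses on a Linux gateway, showing why a rule in INPUT affects SSH to the gateway itself but not SSH routed through it. The addresses, the interface name eth1 and the FORWARD rule in the comments are assumptions made for illustration; NAT and connection tracking are ignored.

```python
import ipaddress

# Constructed addressing (assumptions, not from the thread): the gateway holds
# 10.0.0.1 on LAN interface eth1 and 203.0.113.1 on its WAN side.
GATEWAY_ADDRS = {"10.0.0.1", "203.0.113.1"}
LAN_IF = "eth1"

def chain_for(pkt):
    """Filter-table chain a packet traverses on the gateway (simplified model)."""
    if pkt["in_if"] is None:
        return "OUTPUT"    # generated by the gateway itself
    if pkt["dst"] in GATEWAY_ADDRS:
        return "INPUT"     # addressed to the gateway
    return "FORWARD"       # routed through the gateway to another host

def matches(rule, pkt):
    """True when every selector present in the rule matches the packet."""
    if "in_if" in rule and rule["in_if"] != pkt["in_if"]:
        return False
    if "src" in rule and ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(rule["src"]):
        return False
    return rule.get("dport", pkt["dport"]) == pkt["dport"]

def verdict(ruleset, pkt):
    """First matching rule in the traversed chain wins; default policy ACCEPT (assumed)."""
    for rule in ruleset.get(chain_for(pkt), []):
        if matches(rule, pkt):
            return rule["target"]
    return "ACCEPT"

SSH_BLOCK = {"src": "10.0.0.0/24", "dport": 22, "target": "DROP"}
# The rule from the thread: iptables -I INPUT -p tcp --dport 22 -s 10.0.0.0/24 -j DROP
THREAD_RULES = {"INPUT": [SSH_BLOCK]}
# Same rule with -i eth1 added, still in INPUT
INPUT_IF_RULES = {"INPUT": [dict(SSH_BLOCK, in_if=LAN_IF)]}
# iptables -I FORWARD -i eth1 -p tcp --dport 22 -s 10.0.0.0/24 -j DROP
FORWARD_RULES = {"FORWARD": [dict(SSH_BLOCK, in_if=LAN_IF)]}

# Constructed sample packets (TCP assumed), both arriving on the LAN interface
SSH_OUT = {"in_if": LAN_IF, "src": "10.0.0.50", "dst": "198.51.100.7", "dport": 22}
SSH_TO_GW = {"in_if": LAN_IF, "src": "10.0.0.50", "dst": "10.0.0.1", "dport": 22}

if __name__ == "__main__":
    for name, rules in [("thread", THREAD_RULES), ("input+if", INPUT_IF_RULES), ("forward", FORWARD_RULES)]:
        print(name, "outbound:", verdict(rules, SSH_OUT), "to-gateway:", verdict(rules, SSH_TO_GW))
```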