chloe K wrote:
Thank you
Can I know how to define the "SSH_CHECK" and white list?
I only know to use iptables -A
Thank you
Hello,

When you're entering the rules from the CLI, the first time you reference a chain, you need to use -N (for "new") instead of -A (for "append").
So, using my example....
#iptables -N SSH_CHECK -s *WHITELIST ADDRESSES* -j ACCEPT
#iptables -A SSH_CHECK -m recent --set --name SSH --rsource
and so on.
I use the first line of the SSH_CHECK chain to keep from accidentally locking myself out of my server.
If, for instance, I have control and trust over a particular IP address or subnet, I can use the first line to exclude them from being rate-limited...
#iptables -N SSH_CHECK -s 127.219.24.149 -j ACCEPT
or
#iptables -N SSH_CHECK -s 127.247.67.0/24 -j ACCEPT
(IP addresses changed to protect the innocent)
I think that'll do you,
Andy
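An added example, not part of the thread: `iptables -N` only creates a chain and takes no match or target options, so this script creates SSH_CHECK first and then appends the whitelist and `recent` rules with `-A`. The whitelist addresses (documentation ranges), the 60-second/4-hit threshold, the final ACCEPT and the INPUT jump rule are assumptions; the function only prints the commands so they can be reviewed before being run as root.

```shell
#!/bin/sh
# Added example: emit the iptables commands for a rate-limited SSH_CHECK chain.
# Nothing is applied here; review the output, then pipe it to sh as root.

ssh_check_rules() {
    # "$@" = trusted addresses or subnets that bypass rate limiting.
    # Create the chain first: -N takes a chain name and nothing else.
    echo "iptables -N SSH_CHECK"

    # Whitelist rules go first so trusted sources are never rate-limited
    # (this is what keeps you from locking yourself out).
    for addr in "$@"; do
        case "$addr" in
            # Reject anything that is not digits, dots and an optional /prefix.
            *[!0-9./]*|"")
                echo "skipping invalid address: $addr" >&2
                continue ;;
        esac
        echo "iptables -A SSH_CHECK -s $addr -j ACCEPT"
    done

    # Record each new connection's source address in the "SSH" list.
    echo "iptables -A SSH_CHECK -m recent --set --name SSH --rsource"
    # Assumed threshold: drop the 4th new connection within 60 seconds.
    echo "iptables -A SSH_CHECK -m recent --update --seconds 60 --hitcount 4 --name SSH --rsource -j DROP"
    # Everything under the threshold is allowed through (assumed policy).
    echo "iptables -A SSH_CHECK -j ACCEPT"
    # Assumed hook: send new SSH connections on port 22 into the chain.
    echo "iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j SSH_CHECK"
}

# Constructed sample whitelist (RFC 5737 documentation addresses).
ssh_check_rules 192.0.2.10 198.51.100.0/24
```

The order matters: the whitelist ACCEPT rules must come before the `recent` rules, otherwise trusted sources are counted and can be dropped too.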