On Sun, Oct 29, 2017 at 8:06 PM, Casey Doyle <cdoyle at timelesslyprecise.com> wrote: > Hello, > > I would like permission to contribute information to the wiki... > > Username: CaseyDoyle > > To append an additional method for ssh blocking with firewallD: > > Page: > https://wiki.centos.org/HowTos/Network/SecuringSSH#head- > 3579222198adaf43a3ecbdc438ebce74da40d8ec > > Suggest to add the following info to it pertinent section: > > ------ > 6. Filter SSH at the Firewall > > complementary to iptables method, there is firewall-cmd for newer systems > using FirewallD: > > firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT_direct 0 -p > tcp --dport 22 -m state --state NEW -m recent --set > firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT_direct 1 -p > tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 > --hitcount 4 -j REJECT --reject-with tcp-reset > firewall-cmd --reload > ------ > > Please advise. > Kind Regards, > -- > Casey Doyle > You can edit the page now. Thanks for your contribution. Akemi -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos-docs/attachments/20171029/4458c543/attachment-0006.html>