[CentOS] Re: IPTables Blocking Brute Forcers
Sarunas Vancevicius
svan at redbrick.dcu.ie
Tue Nov 21 10:05:12 UTC 2006
On 07:09, Fri 17 Nov 06, Sudev Barar wrote:
> >You can use IPTables to limit the rate of connections. I allow only 2
> >connections from a given IP address within each 3 minute period.
>
> I know this is sloppy and lazy but can you post your iptables line
> that does this?

Something like:

# Don't have a limit on my_trusted_domain
iptables -A INPUT -p tcp -s my_trusted_domain.org --dport 22 -j ACCEPT
# Don't have a limit on the internal net
iptables -A INPUT -p tcp -s internal_net --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -m limit --limit 2/minute --limit-burst 1 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j REJECT --reject-with tcp-reset

Search iptables manual page for limit :).

Sarunas
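
Added example, not part of the original message: a simplified Python model of the token bucket behind `-m limit --limit 2/minute --limit-burst 1`. It shows that the rule above keeps one bucket for all sources, so a single noisy address can use up the allowance for everyone outside the trusted ranges, while a bucket per source (what the iptables hashlimit match provides in srcip mode) does not. The addresses and timings are constructed, and each event is assumed to be one packet reaching the rate-limit rule.

```python
# Simplified model of the iptables `limit` match (token bucket, integer seconds).
# Assumption: each event is one packet that reaches the rate-limit rule.
from collections import defaultdict


class TokenBucket:
    def __init__(self, per_minute=2, burst=1):
        self.cost = 60 // per_minute        # seconds of credit one match costs
        self.cap = self.cost * burst        # credit never exceeds the burst
        self.credit = self.cap              # bucket starts full
        self.last = 0

    def allow(self, now):
        # Credit accrues with elapsed time whether or not earlier packets matched.
        self.credit = min(self.cap, self.credit + (now - self.last))
        self.last = now
        if self.credit >= self.cost:
            self.credit -= self.cost
            return True                     # rule matches, packet is ACCEPTed
        return False                        # falls through to the REJECT rule


def simulate(events, per_source):
    """events: (second, source_ip) pairs. Returns accepted count per source."""
    shared = TokenBucket()
    buckets = defaultdict(TokenBucket)
    accepted = {src: 0 for _, src in events}
    for now, src in sorted(events):
        bucket = buckets[src] if per_source else shared
        if bucket.allow(now):
            accepted[src] += 1
    return accepted


# Constructed sample traffic (documentation address ranges).
NOISY, ADMIN = "203.0.113.5", "198.51.100.7"
EVENTS = [(t, NOISY) for t in range(0, 300, 5)] + [(62, ADMIN), (182, ADMIN)]

if __name__ == "__main__":
    print("one shared bucket :", simulate(EVENTS, per_source=False))
    print("bucket per source :", simulate(EVENTS, per_source=True))
```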