[CentOS] filtering ssh regardless of the port

Wed Sep 19 09:41:40 UTC 2007
Bazy <bazy at goofy.celuloza.ro>

ArcosCom Linux User wrote:
> No, there is another way.
> Using the l7filter user-space daemon.
> 
> You need to NFQUEUE target with IPTABLES and configure de L7 daemon to do
> the work.
> 
> I don't use it, but in http://l7-filter.sourceforge.net/HOWTO-userspace
> there is more information about it.
> 
> Regards
> 
> El Mie, 19 de Septiembre de 2007, 9:57, David Hrbác( escribió:
>> Bazy napsal(a):
>>> And yes... I will use layer 7 filtering.
>>> http://l7-filter.sourceforge.net/protocols
>>>
>>> Patch my kernel, my iptables, and "iptables -A INPUT -m layer7 --l7proto
>>> ssh -j DROP" ;)
>> Yes, the only way.
>> D.
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>>
> 
> 
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos


Thank you, your are right, I used l7-filter before and I compiled it
into the kernel and iptables and I didn't take the time to read the
HOWTO-userspace...