iptables whitelist IP for SSH
08-09-2011, 04:11 PM
Post: #1
iptables whitelist IP for SSH
This guide will drop SSH connections that hit 5 SSH attempts within 60 secs, while allowing
you to whitelist a certain IP address or range.


iptables -N ssh-whitelist

iptables -A ssh-whitelist -s 202.125.32.0/24 -m recent --remove --name SSH -j ACCEPT

Next, create a limiting rule. I limit to 5 hits in 60 seconds for SSH with this:

iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -j ssh-whitelist
iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 5 --rttl --name SSH -j DROP
08-24-2011, 02:14 PM (This post was last modified: 08-24-2011 04:27 PM by knifebunny.)
Post: #2
RE: iptables whitelist IP for SSH
Alternatively, if you just wish to allow an IP (or range) via SSH and drop all connections, you can do something like this:


iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 22 -j ACCEPT


iptables -A INPUT -m state --state NEW -p tcp --dport 22 -j DROP


and then save your iptables configuration
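Both posts rely on rule order: `-A` appends, and iptables stops at the first matching ACCEPT or DROP, so the whitelist has to be reached before the DROP. The following is an added example, not code from either poster: a shell check over `iptables -S` output, where the function name, exit codes and sample listings are constructed for illustration.

```shell
# Reads `iptables -S` text on stdin and reports rule order for tcp/22 in INPUT.
# Exit status (convention chosen for this example):
#   0  a source-restricted ACCEPT is reached before the first DROP
#   1  the DROP comes first, so the whitelisted source is dropped as well
#   2  no DROP for tcp/22 found
check_ssh_order() {
    awk '
    $1 == "-A" && $2 == "INPUT" { input[++n] = $0; next }
    # User chains that ACCEPT a specific source, e.g. ssh-whitelist.
    $1 == "-A" && / -s [^ ]+ / && / -j ACCEPT$/ { allow[$2] = 1 }
    END {
        for (i = 1; i <= n; i++) {
            r = input[i]
            if (r !~ /--dport 22( |$)/ || r !~ / -j /) continue
            tgt = r; sub(/^.* -j /, "", tgt); sub(/ .*$/, "", tgt)
            if (tgt == "DROP") exit 1
            if (tgt == "ACCEPT" && r ~ / -s [^ ]+ /) exit 0
            if (tgt in allow) exit 0
        }
        exit 2
    }'
}
# Constructed listing: post #2 rules in the order given (ACCEPT, then DROP).
sample_good() { cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -s 192.168.1.0/24 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j DROP
EOF
}
# Constructed listing: the same rules appended in the opposite order.
sample_bad() { cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j DROP
-A INPUT -s 192.168.1.0/24 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
EOF
}
# Constructed listing: post #1 layout, whitelist reached via a jump.
sample_chain() { cat <<'EOF'
-N ssh-whitelist
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 22 -m recent --set --name SSH
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 22 -j ssh-whitelist
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 22 -m recent --update --seconds 60 --hitcount 5 --rttl --name SSH -j DROP
-A ssh-whitelist -s 202.125.32.0/24 -m recent --remove --name SSH -j ACCEPT
EOF
}
for s in sample_good sample_bad sample_chain; do
    rc=0; $s | check_ssh_order || rc=$?
    echo "$s: $rc"
done
```

On a live host the same function can be fed with `iptables -S | check_ssh_order` before saving the configuration.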