On Sat, 16 Jan 2016 20:16:28 +0300, you wrote:

>> What'd I do?
>>
>
>Exactly this:
>
>iptables -F INPUT
>iptables -I INPUT -p tcp --dport 22 -m conntrack --ctstate NEW \
> -m hashlimit --hashlimit 1/hour --hashlimit-burst 16 \
> --hashlimit-mode srcip --hashlimit-name ssh \
> --hashlimit-htable-expire 60000 -j ACCEPT
>iptables -I INPUT -p tcp --dport 22 --tcp-flags SYN,RST,ACK SYN \
> -j DROP
>
>Note that the order of netfilter rules is top-down (i.e. highest
>matching rule plays).
>So, first rule on your current list, namely:
>
>-A INPUT -p tcp -m tcp --dport 22 --tcp-flags SYN,RST,ACK SYN -j DROP
>
>blocked anyone from using ssh.

I have to tell you, that one *did* look suspicious. Should I remove it from the list of iptables commands and re-apply the rest of them?

>Reco
>
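
Added example, not part of the original message and not written by either correspondent: a small shell model of the rule-order point in the quoted text. It replays the quoted commands against an in-memory list (no iptables call, no root) and reports which port 22 rule a new SYN meets first. The names build_chain, first_verdict, as_posted and drop_appended are made up here, and the -A variant is a constructed contrast, not a fix proposed in the thread.

```shell
#!/bin/sh
# Constructed model of the INPUT chain; it never calls iptables and needs no root.

# build_chain: read "iptables -F|-I|-A INPUT ..." commands on stdin and print the
# resulting rules, top first. -I with no rule number inserts at position 1.
build_chain() {
    awk '
        $1 != "iptables" || $3 != "INPUT" { next }
        { spec = $0; sub(/^iptables +-[FIA] +INPUT */, "", spec) }
        $2 == "-F" { n = 0 }
        $2 == "-A" { rule[++n] = spec }
        $2 == "-I" { for (i = n; i >= 1; i--) rule[i + 1] = rule[i]; rule[1] = spec; n++ }
        END { for (i = 1; i <= n; i++) print rule[i] }'
}

# first_verdict PORT: print the target of the first listed rule naming --dport PORT.
# Simplification: other matches (tcp-flags, conntrack, hashlimit) are not evaluated,
# so this answers only "which rule does a new SYN to PORT meet first".
first_verdict() {
    awk -v port="$1" '{
        dport = ""; target = ""
        for (i = 1; i < NF; i++) {
            if ($i == "--dport") dport = $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        if (dport == port && target != "") { print target; exit }
    }'
}

# The commands quoted in the message, continuation lines joined.
as_posted() {
    cat <<'EOF'
iptables -F INPUT
iptables -I INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -m hashlimit --hashlimit 1/hour --hashlimit-burst 16 --hashlimit-mode srcip --hashlimit-name ssh --hashlimit-htable-expire 60000 -j ACCEPT
iptables -I INPUT -p tcp --dport 22 --tcp-flags SYN,RST,ACK SYN -j DROP
EOF
}

# Constructed variant: same rules, but the DROP is appended (-A) instead of inserted.
drop_appended() { as_posted | sed '3s/-I INPUT/-A INPUT/'; }

echo "as posted:     first rule for port 22 -> $(as_posted | build_chain | first_verdict 22)"
echo "DROP appended: first rule for port 22 -> $(drop_appended | build_chain | first_verdict 22)"
```

On a live host, the order to compare against is what `iptables -S INPUT` prints, top rule first.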