

The Wednesday 2008-01-09 at 11:18 -0000, Marcin Floryan wrote:


> Is there a way to merge the following iptables rules with SuseFirewall?
>
> iptables -A INPUT -p tcp --dport 22 -m recent --set --name ssh --rsource
> iptables -A INPUT -p tcp --dport 22 -m recent ! --rcheck --seconds 60 --hitcount 4 --name ssh --rsource -j ACCEPT
>
> I suspect those could be added once the firewall has started but
> ideally I would want this as part of the firewall startup.

Did you know about this: ?

FW_SERVICES_REJECT_EXT="0/0,tcp,113"
# Example:
#    Allow max three ssh connects per minute from the same IP address:
#      "0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh"
#
# The special value _rpc_ is recognized as protocol and means that dport is
# interpreted as rpc service name. See FW_SERVICES_EXT_RPC for
# details.
#


I guess it does what you want :-?



-- Cheers,
       Carlos E. R.
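
Added example, not part of the original thread or of SuSEfirewall2: a simplified Python model of how the two quoted `recent` rules treat packets from one source address. It assumes only new connection attempts reach the rules (as written they match every packet to port 22) and ignores the module's table size limits; the addresses and timings are constructed.

```python
from collections import defaultdict


class RecentList:
    """Simplified model of one `-m recent --name ssh --rsource` list."""

    def __init__(self):
        self.stamps = defaultdict(list)  # source IP -> arrival times (seconds)

    def set(self, src, now):
        # --set: record this packet against the source address.
        self.stamps[src].append(now)

    def rcheck(self, src, now, seconds, hitcount):
        # --rcheck --seconds S --hitcount N: true when the source has at
        # least N recorded packets within the last S seconds.
        hits = [t for t in self.stamps[src] if now - t <= seconds]
        return len(hits) >= hitcount


def input_chain(recent, src, now, seconds=60, hitcount=4):
    """Evaluate the two quoted rules, in order, for one packet."""
    recent.set(src, now)                                # rule 1: --set
    if not recent.rcheck(src, now, seconds, hitcount):  # rule 2: ! --rcheck
        return "ACCEPT"
    # Neither rule gave a verdict: later rules or the chain policy decide,
    # so the limit only blocks if that fallback drops or rejects.
    return "FALLTHROUGH"


def replay(events):
    """events: list of (time_in_seconds, source_ip), in arrival order."""
    recent = RecentList()
    return [input_chain(recent, src, t) for t, src in events]


# Constructed sample: four quick attempts from one host, one from another,
# then a late attempt from the first host after its window has emptied.
SAMPLE = [(0, "192.0.2.10"), (5, "192.0.2.10"), (10, "192.0.2.10"),
          (15, "192.0.2.10"), (20, "198.51.100.7"), (80, "192.0.2.10")]

# One attempt every 20 s: because --set runs before the check, attempts
# that fall through are still counted and keep the window full.
STEADY = [(t, "192.0.2.10") for t in (0, 20, 40, 60, 80)]

if __name__ == "__main__":
    for event, verdict in zip(SAMPLE, replay(SAMPLE)):
        print(event, verdict)
```

Because the packet is recorded before the check, `--hitcount 4` lets three attempts per 60 seconds through and leaves the fourth to whatever follows in the chain.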
