n dhert wrote: > I have a line in my shorewall rules file > Limit:info:SSHBFAttack,3,60 net $MACHINE tcp 22 > to counter SSH attacks to the machine $MACHINE (max 3 SSH requests per > minute from same machine, then one needs to wait a minute for next SSH > request) > > Now I want to make 1 exception to this limitation for one particular > machine on the 'net' zone, say 217.218.219.220 > I tried > Limit:info:SSHBFAttack,3,60 net:!217.218.219.220 tcp 22 > but the result is that 217.218.219.220 is excluded totally from SSH, > definitely not what I want :-) > > What line(s) must be used to achieve that?
Rather than exclude 217.218.219.220 from the Limit rule, the simplest thing to do is add this rule BEFORE the Limit rule: ACCEPT net:217.218.219.220 $MACHINE tcp 22 -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
