Today Peter McNeil did spake thusly:
Scott van Looy wrote:
Today Peter McNeil did spake thusly:
Ran iptables -L just to make sure my rule was there and it was
in the end had to use hosts.deny to block the IP
Anyone got any ideas why?
I do this http://thunderbox.org/?page_id=4
Much better way is to do something like this:
iptables -N SSH_CHECK
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSH_CHECK
iptables -A SSH_CHECK -m recent --set --name SSH
iptables -A SSH_CHECK -m recent --update --seconds 60 --hitcount 4 --name
SSH -j DROP
Which I used to use when I hand wrote my firewall. But as I'm trying to use
system-config-firewall these days I've no idea how to add these custom
rules...
that's cool, I just wanted a permanent blocklist (until restart). Re
system-config-firewall..the only way to be sure is by hand :-)
does anyone know if there's documentation for it anywhere? If not, I'm
happy to write some - if someone can explain to me how the buggery it
works...? :)
--
Scott van Looy - email:me@xxxxxxxxxxxxxx | web:www.ethosuk.org.uk
site:www.freakcity.net - the in place for outcasts since 2003
PGP Fingerprint: 7180 5543 C6C4 747B 7E74 802C 7CF9 E526 44D9 D4A7
-------------------------------------------
|/// /// /// /// WIDE LOAD /// /// /// ///|
-------------------------------------------
It is said that the lonely eagle flies to the mountain peaks while the lowly
ant crawls the ground, but cannot the soul of the ant soar as high as the eagle?
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list