# Blocks all IP which connect to port 22
# BEWARE: this is to be activate ONLY
# IF YOU CHANGED YOUR SSH DEFAULT PORT
$do_action $IPTABLES_INSERT $IT_INPUT -m set --match-set banned_ips src -j DROP
$do_action $IPTABLES_INSERT $IT_INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set --name SSH_BLOCK --rsource
$do_action $IPTABLES_INSERT $IT_INPUT -p tcp --dport 22 -m recent --update --hitcount 1 --name SSH_BLOCK --rsource -j SET --add-set banned_ips src