- # Blocks all IP which connect to port 22
- # BEWARE: this is to be activate ONLY
- # IF YOU CHANGED YOUR SSH DEFAULT PORT
- $do_action $IPTABLES_INSERT $IT_INPUT -m set --match-set banned_ips src -j DROP
- $do_action $IPTABLES_INSERT $IT_INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set --name SSH_BLOCK --rsource
- $do_action $IPTABLES_INSERT $IT_INPUT -p tcp --dport 22 -m recent --update --hitcount 1 --name SSH_BLOCK --rsource -j SET --add-set banned_ips src
|
