Authentication attempts limit #116
Block any IP address that has made more than 3 SSH connections or attempted connections within the past 3 minutes.
add include path for etc/firewall.user to limit brute force
@@ -167,3 +166,15 @@ config rule | |||
option src 'vpn' | |||
option proto 'icmp' | |||
option target 'ACCEPT' | |||
|
|||
#just a test to block certain IP ! |
@RaniaRho, could you remove this rule? We don't want to affect anything unnecessarily.
@dismantl removed
|
||
iptables -I INPUT -i br-lan -p tcp -m tcp --dport 22 -m recent --set --name DEFAULT --rsource | ||
|
||
iptables -I INPUT -i br-lan-p tcp -m tcp --dport 22 -m recent --update --seconds 180 --hitcount 4 --name DEFAULT --rsource -j DROP |
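Review bot: Neither `recent` rule is limited to new connections, so both match every TCP packet to port 22 that arrives on br-lan, including the packets of an already established SSH session. The `--set` rule therefore records a hit per packet rather than per connection attempt, and the `--update --seconds 180 --hitcount 4 ... -j DROP` rule starts dropping a client within the first few packets of a single login; because `--update` refreshes the last-seen timestamp each time it matches, client retransmissions keep the source blocked. Suggest adding a connection-state match such as `-m conntrack --ctstate NEW` (or `-m state --state NEW`) to both rules so that only connection attempts are counted. Separately, `-i br-lan-p tcp` in the second rule is missing the space between the interface name and `-p`, and a list name more specific than `DEFAULT` would keep this counter from being shared with any other `recent` rule that relies on the default list.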
This line causes a fatal error on startup. Should be ...br-lan -p...
Even with the line 15 change (above), I'm having trouble with these rules. I get disconnected immediately on firewall restart and all subsequent ssh attempts time out. nmap shows port 22 as filtered.
Couldn't append to this pull request, so incorporating the changes into #120
some changes in etc/firewall.user and etc/config/firewall to resolve this issue #30