Created
June 6, 2013 19:52
-
-
Save mattpavelle/5724390 to your computer and use it in GitHub Desktop.
super simple code to add a 24 hour IP address block for anyone who tries to ssh in 3 times and fails
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/bash | |
| /usr/bin/sudo /sbin/iptables -I INPUT -i eth0 -p tcp -m tcp --dport 22 -m state --state NEW -m recent --set --name DEFAULT --rsource | |
| ## if someone tries to ssh in 3x and fails, block their IP for 24 hours | |
| /usr/bin/sudo /sbin/iptables -I INPUT -i eth0 -p tcp -m tcp --dport 22 -m state --state NEW -m recent --update --seconds 86400 --hitcount 4 --name DEFAULT --rsource -j DROP | |
| ## place in /etc/network/if-up.d/ | |
| ## see all rules with: | |
| # /usr/bin/sudo /sbin/iptables -vnL --line-numbers | |
| ## delete a rule with: | |
| # /usr/bin/sudo /sbin/iptables -D INPUT 2 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment