https://bugs.contribs.org/show_bug.cgi?id=10760
Bug ID: 10760
Summary: per service drop
Classification: Contribs
Product: SME Contribs
Version: 9.2
Hardware: ---
OS: ---
Status: CONFIRMED
Severity: normal
Priority: P3
Component: smeserver-xt_geoip
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
Target Milestone: ---
could be great to add a per service exclusion
I see:
Chain InboundTCP_1195 (1 references)
target prot opt source destination
denylog all -- 0.0.0.0/0 !x
REJECT tcp -- 0.0.0.0/0 x tcp dpt:113 reject-with
tcp-reset
SSH_Autoblock tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
state NEW
ACCEPT tcp -- 0.0.0.0/0 x tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 x tcp dpt:960
ACCEPT tcp -- 0.0.0.0/0 x tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 x tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 x tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 x tcp dpt:465
we could add a list of countries to allow or to exclude for those ports
80,960,443,25,22,465
the db properties could be stored under the respective db config key, eg 25:
sshd
and all configuration be on the current page.
Explanation: currently we make the server invisible to all the rejected
countries.
I can happen to need to give https access to the whole world, but want to
protect my ssh, and mail service for countries where I have users.
--
You are receiving this mail because:
You are the QA Contact for the bug._______________________________________________
Mail for each SME Contribs bug report
To unsubscribe, e-mail [email protected]
Searchable archive at https://lists.contribs.org/mailman/public/contribteam/
