ok correction, this is the proper ruleset:

    $IPTABLES -A INPUT -p tcp -m tcp --dport 21 -m state --state NEW -j FTPNEW

    $IPTABLES -A FTP2 -m recent --set --name FTPBLOCK --rsource
    $IPTABLES -A FTP2 -j LOG --log-prefix "FTP BRUTE FORCE: " --log-level 6
    $IPTABLES -A FTP2 -j DROP

    $IPTABLES -A FTPBF -p tcp -m tcp --dport 21 -j DROP

    $IPTABLES -A FTPNEW -m recent --rcheck --name FTPBLOCK --rsource -j FTPBF
    $IPTABLES -A FTPNEW -m recent --set --name FTP --rsource
    $IPTABLES -A FTPNEW -m recent --update --seconds 120 --hitcount 6 --name FTP --rsource -j FTP2
The first rule is different, so again, this doesn't open port 21. Where do I need to place a rule like --dport 21 -j ACCEPT?

On Sat, Oct 18, 2008 at 12:57 AM, Pascal Hambourg <[EMAIL PROTECTED]> wrote:
> Stephen Vaughan wrote:
>
>> I don't follow... that is not my entire ruleset, but everything for the
>> brute force is there..
>
> No it's not. In order to be effective, user-defined chains have to be
> called by another rule from a built-in chain (INPUT, OUTPUT, FORWARD...),
> and I do not see such a rule here.

--
Best Regards,
Stephen
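One way to complete the excerpt, as an added example rather than the rules from this thread: the three user-defined chains are created first, INPUT jumps into FTPNEW, and the ACCEPT for port 21 sits directly after that jump, because a new connection that FTPNEW neither drops nor diverts returns to INPUT at the following rule. The ESTABLISHED,RELATED rule and the IPTABLES default of "echo iptables" (a dry run that prints the rules instead of loading them) are assumptions added here.

```shell
#!/bin/sh
# Added example, not the rules from the thread: the chains from the excerpt
# plus the pieces it leaves out (chain creation, the ACCEPT after the hook).
# IPTABLES defaults to "echo iptables" so the rules are printed, not loaded.
IPTABLES="${IPTABLES:-echo iptables}"

ftp_bruteforce_rules() {
    # Chains must exist before any rule jumps to them.
    $IPTABLES -N FTPNEW
    $IPTABLES -N FTP2
    $IPTABLES -N FTPBF

    # FTP2: remember the source in FTPBLOCK, log, drop.
    $IPTABLES -A FTP2 -m recent --set --name FTPBLOCK --rsource
    $IPTABLES -A FTP2 -j LOG --log-prefix "FTP BRUTE FORCE: " --log-level 6
    $IPTABLES -A FTP2 -j DROP

    # FTPBF: drop port-21 traffic from a source already in FTPBLOCK.
    $IPTABLES -A FTPBF -p tcp -m tcp --dport 21 -j DROP

    # FTPNEW: blocked sources go to FTPBF; others are recorded in FTP and
    # diverted to FTP2 once that list shows 6 hits within 120 seconds.
    # A source matching none of these returns to INPUT at the next rule.
    $IPTABLES -A FTPNEW -m recent --rcheck --name FTPBLOCK --rsource -j FTPBF
    $IPTABLES -A FTPNEW -m recent --set --name FTP --rsource
    $IPTABLES -A FTPNEW -m recent --update --seconds 120 --hitcount 6 \
        --name FTP --rsource -j FTP2

    # INPUT: the hook into FTPNEW, then the ACCEPT the excerpt lacked. Only
    # over-limit or blocked sources terminate inside FTPNEW, so every other
    # new connection falls through to this ACCEPT.
    $IPTABLES -A INPUT -p tcp -m tcp --dport 21 -m state --state NEW -j FTPNEW
    $IPTABLES -A INPUT -p tcp -m tcp --dport 21 -m state --state NEW -j ACCEPT
    # Added here (not in the thread): later packets of accepted sessions.
    $IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
}

# Returns 0 when the INPUT ACCEPT for port 21 follows the INPUT jump to
# FTPNEW in the generated rule list, which is the ordering that matters.
check_ordering() {
    ftp_bruteforce_rules | awk '
        /-A INPUT .*--dport 21 .*-j FTPNEW/ { hook = NR }
        /-A INPUT .*--dport 21 .*-j ACCEPT/ { acc = NR }
        END { if (hook && acc && acc > hook) exit 0; exit 1 }'
}

ftp_bruteforce_rules
```

With IPTABLES=/sbin/iptables the same function loads the rules for real. Note that the --rcheck on FTPBLOCK carries no --seconds, so a source that reached FTP2 stays blocked until its entry leaves the recent list.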

