Hi,

I want to stop sshd account testing by script kiddies with the following iptables/bash
script, but it won't do what I thought. On a sarge test host with 2 aliased NICs (eth0:1
and eth0:2), this script loads correctly, it drops connections with --hitcount 3
correctly (client gets timeout, sshd gets no connection/log), but doesn't get back to
allowing login after --seconds 120. No error or logging, only "Connection timed out"
when I try to ssh into those aliased interfaces. Login on eth0 always works OK.


<---cut--->
#!/bin/bash
IPT=/sbin/iptables

#OPT="--verbose"
OPT=""

## IPs changed for posting
ip_if1=192.168.10.11
ip_if2=192.168.10.12

## just for testing: flush old rules
$IPT --flush

## call ipt for all hosts in the list
for ip in $ip_if1 $ip_if2; do
    # record every new SSH connection to this address in the "recent" list
    $IPT $OPT -A INPUT -p tcp --dport 22 -i eth0 -d "$ip" -m state --state NEW -m recent --set
    # log, then drop, once the source has been seen 3 times within 120 seconds
    $IPT $OPT -A INPUT -p tcp --dport 22 -i eth0 -d "$ip" -m state --state NEW -m recent --update --seconds 120 --hitcount 3 -j LOG
    $IPT $OPT -A INPUT -p tcp --dport 22 -i eth0 -d "$ip" -m state --state NEW -m recent --update --seconds 120 --hitcount 3 -j DROP
done
<--cut--->

No other rules are active, resp. everything defaults to "allow" (this is just for testing...).
Can you help me? Any hints?

Gerhard
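Added example (mine, not from the original mail): a small Python model of the netfilter "recent" match's --set, --rcheck and --update semantics, run over a constructed attempt timeline, to compare the posted rule order (--set first, then --update) with two layouts that put the DROP rule first. The model assumes one source address and the script's values of 120 seconds and 3 hits.

```python
SECONDS, HITCOUNT = 120, 3                  # values from the script above


class Recent:
    """Hit timestamps of one source address, as xt_recent keeps them."""
    def __init__(self):
        self.stamps = []

    def set(self, now):
        self.stamps.append(now)             # --set: always records a hit

    def rcheck(self, now):
        # --rcheck --seconds N --hitcount M: read-only, matches when at least
        # M hits fall inside the last N seconds
        return sum(now - t <= SECONDS for t in self.stamps) >= HITCOUNT

    def update(self, now):
        # --update: same test, but a match also refreshes the entry, so a
        # client that keeps retrying keeps the window sliding
        matched = self.rcheck(now)
        if matched:
            self.stamps.append(now)
        return matched


def verdict(layout, table, now):
    """Verdict for one NEW SYN from the tracked source under a rule layout."""
    if layout == "set-then-update":         # the order in the posted script
        table.set(now)
        return "DROP" if table.update(now) else "ACCEPT"
    if layout == "update-then-set":         # DROP rule first, still --update
        if table.update(now):
            return "DROP"
    elif layout == "rcheck-then-set":       # DROP rule first, using --rcheck
        if table.rcheck(now):
            return "DROP"
    table.set(now)                          # only reached when not dropped
    return "ACCEPT"


def simulate(layout, attempts):
    """Run a list of attempt times (seconds) through one layout."""
    table = Recent()
    return [verdict(layout, table, t) for t in attempts]


# Constructed timeline: three quick attempts, then a retry every 30 seconds.
ATTEMPTS = [0, 4, 8, 40, 70, 100, 130, 160]

if __name__ == "__main__":
    for layout in ("set-then-update", "update-then-set", "rcheck-then-set"):
        print(f"{layout:16} {simulate(layout, ATTEMPTS)}")
```

With the posted order every retry, dropped or not, passes the --set rule and adds a hit, so the source never falls below 3 hits in the window while it keeps trying; only the layout with a read-only --rcheck in front of --set lets the client back in once 120 seconds have passed since its last recorded hit.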

