On Sun, 03 Jan 2016 22:30:18 +0100 "Daniel M." <[email protected]> wrote:
> iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
> iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 60 --hitcount 6 -j DROP
>
> This worked in previous iptables version. But it stopped now with
> version 1.4.21. I tried to find something on the net but all the
> tutorials and the answers are not applicable.
>
> Do any of you have any idea in regards to this?
>
> Regards,
> Daniel

Hello Daniel,

Which error message do you get when executing those lines for dropping ssh attempts after 6 hits?

Have you upgraded your kernel recently? Many issues with iptables can be from an incorrect kernel config and required netfilter options.

Does iptables 1.6.0 have the same issue? I didn't spot anything in the 1.4.21 ChangeLog which would introduce a problem. Maybe someone else can look at it and find something.

Sincerely,

William Harrington
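One way to run the kernel-config check suggested in the reply, as an added example that is not part of the original thread: it lists the kernel options behind the `-m conntrack` and `-m recent` matches in the quoted rules and reports any that a config leaves unset. The function names and the sample config are constructed for illustration, and the option list is an assumption about what these two rules need on an IPv4 filter table.

```shell
#!/bin/sh
# Added example (not from the thread): report kernel options that the two
# quoted rate-limit rules depend on and that a kernel config does not enable.

# Assumed requirement list for "-m conntrack --ctstate" and "-m recent".
REQUIRED_OPTS="CONFIG_NF_CONNTRACK CONFIG_NETFILTER_XTABLES CONFIG_NETFILTER_XT_MATCH_CONNTRACK CONFIG_NETFILTER_XT_MATCH_RECENT CONFIG_IP_NF_IPTABLES CONFIG_IP_NF_FILTER"

# Read a kernel config on stdin; print every required option not set to y or m.
missing_opts() {
    cfg=$(cat)
    for opt in $REQUIRED_OPTS; do
        printf '%s\n' "$cfg" | grep -Eq "^${opt}=[ym]\$" || printf '%s\n' "$opt"
    done
}

# Constructed sample: a config built without the "recent" match.
sample_config() {
    cat <<'EOF'
CONFIG_NF_CONNTRACK=m
CONFIG_NETFILTER_XTABLES=y
CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m
# CONFIG_NETFILTER_XT_MATCH_RECENT is not set
CONFIG_IP_NF_IPTABLES=y
CONFIG_IP_NF_FILTER=y
EOF
}

# Emit the running kernel's config if the system exposes it.
running_config() {
    if [ -r /proc/config.gz ]; then
        gzip -dc /proc/config.gz
    elif [ -r "/boot/config-$(uname -r)" ]; then
        cat "/boot/config-$(uname -r)"
    else
        return 1
    fi
}

# Check the running kernel when possible, otherwise the constructed sample.
if cfg=$(running_config 2>/dev/null); then
    printf '%s\n' "$cfg" | missing_opts
else
    sample_config | missing_opts
fi
```

An empty result only shows the options are enabled; an option built as a module (`=m`) still has to load when the rule is added.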
