Roberto C. Sánchez wrote:
> On Sat, Jan 17, 2009 at 09:06:30AM +0100, Gerhard Engler wrote:
>> for Interf in $WAN; do
>> $IPTABLES_BIN -A INPUT -i $Interf -p tcp --dport 22 -m state --state NEW \
>> -m recent --set --name SSH
>> $IPTABLES_BIN -A INPUT -i $Interf -p tcp --dport 22 -m state --state NEW \
>> -m recent --rcheck --seconds 60 --hitcount 4 --rttl --name SSH \
>> -j REJECT --reject-with tcp-reset
>> $IPTABLES_BIN -A INPUT -i $Interf -p tcp --dport 22 -m state --state NEW \
>> -j ACCEPT
>> done
>>
>>
>> How can I translate this into shorewall?
>>
> SSH/ACCEPT net $FW - - - - 4/min:4
That approach has the disadvantage that legitimate users are blocked out during an attack. The Limit builtin action (http://www.shorewall.net/PortKnocking.html#Limit) does what the OP is asking.

_______________________________________________
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users
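To make the reply's point concrete, here is an added simulation (not code from the thread, from Shorewall, or from iptables) of the two behaviours: a rate limit such as `4/min:4`, which the iptables `limit` match implements as one token bucket shared by every source, versus the per-source `recent` rules in the quoted script (`--set` then `--rcheck --seconds 60 --hitcount 4`). The attempt trace and the addresses in it are constructed; the bucket refill model is a simplification of the kernel's implementation.

```python
from collections import defaultdict, deque

# Constructed trace (timestamp in seconds, source address), not from the thread:
# 203.0.113.9 hammers port 22 while 198.51.100.7 is a legitimate admin who
# connects once during the burst and once more about a minute later.
ATTEMPTS = [(0, "203.0.113.9"), (1, "203.0.113.9"), (2, "203.0.113.9"),
            (3, "203.0.113.9"), (4, "203.0.113.9"), (5, "198.51.100.7"),
            (6, "203.0.113.9"), (70, "198.51.100.7")]


def global_rate_limit(attempts, rate_per_min=4, burst=4):
    """Model of '4/min:4': one token bucket shared by ALL sources.

    A NEW connection is accepted only if a token is available; a connection
    that finds the bucket empty does not match the rule and falls through to
    the policy (normally DROP/REJECT), whoever it comes from."""
    tokens = float(burst)
    last = attempts[0][0] if attempts else 0
    decisions = {}
    for ts, src in attempts:
        # Refill at `rate_per_min` tokens per minute, capped at the burst size.
        tokens = min(burst, tokens + (ts - last) * rate_per_min / 60.0)
        last = ts
        if tokens >= 1:
            tokens -= 1
            decisions[(ts, src)] = "ACCEPT"
        else:
            decisions[(ts, src)] = "DROP"
    return decisions


def per_source_recent(attempts, seconds=60, hitcount=4):
    """Model of the OP's 'recent' rules: every NEW connection is recorded per
    source (--set); a source with >= hitcount attempts inside the window is
    rejected (--rcheck --seconds --hitcount). Other sources are unaffected."""
    hits = defaultdict(deque)
    decisions = {}
    for ts, src in attempts:
        q = hits[src]
        q.append(ts)                       # --set records this attempt too
        while q and ts - q[0] > seconds:   # keep only hits inside the window
            q.popleft()
        decisions[(ts, src)] = "REJECT" if len(q) >= hitcount else "ACCEPT"
    return decisions


if __name__ == "__main__":
    g, p = global_rate_limit(ATTEMPTS), per_source_recent(ATTEMPTS)
    for key in ATTEMPTS:
        print(f"t={key[0]:>3}s {key[1]:<14} global={g[key]:<6} per-source={p[key]}")
```

The legitimate connection at t=5 is dropped under the shared limit because the attacker has already drained the bucket, but accepted under the per-source rules, which only ever block the address that exceeded the hit count.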
