Hello,
sshguard detects brute force attacks and blocks IPs according to a certain
algorithm. For it to work it needs a rule:
iptables -N sshguard
iptables -A INPUT -j sshguard
And so in Shorewall's started.d/ I created a file and added:
#!/bin/bash
iptables -N sshguard
iptables -I INPUT 1 -j sshguard
Which makes this rule the first one, after which the Shorewall rules are
defined.
Is this the right way to add such a rule? When a packet enters it will go to
sshguard. If the packet is not concerned by any rule in there, will it go back
to the first Shorewall INPUT rule?
Thanks for suggestions/comments!
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
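
Added example, not part of the original post: a form of the hook script above that is safe to run more than once, creating the sshguard chain only if it is missing and keeping the jump as the first INPUT rule. The IPT variable, the function name ensure_sshguard_hook and the "apply" argument are assumptions introduced here.

```shell
#!/bin/sh
# Constructed example: hook script that is safe to run more than once.
# IPT is an assumption added here so the commands can be swapped for a dry run.
IPT="${IPT:-iptables}"

ensure_sshguard_hook() {
    # -N fails if the chain already exists, so probe for it first.
    $IPT -n -L sshguard >/dev/null 2>&1 || $IPT -N sshguard || return 1

    # -S prints the policy on line 1 and the first rule on line 2.
    first=$($IPT -S INPUT | sed -n '2p')
    [ "$first" = "-A INPUT -j sshguard" ] && return 0

    # Jump missing or not first: remove stale copies, then insert at 1.
    # -C (rule check) needs iptables 1.4.11 or later.
    while $IPT -C INPUT -j sshguard 2>/dev/null; do
        $IPT -D INPUT -j sshguard || return 1
    done
    $IPT -I INPUT 1 -j sshguard
}

# A packet that matches no rule in sshguard returns to INPUT and continues
# with the rule after the jump.
# Run as "script apply" to make the changes (needs root).
case "${1:-}" in
    apply) ensure_sshguard_hook ;;
esac
```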