[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: DenyHosts



On Sat, 16 Jan 2016 01:55:38 +0300, Reco wrote:

>A complex one:
>
>iptables -I INPUT -p tcp --dport 22 -m conntrack --ctstate NEW \
>	-m hashlimit --hashlimit 1/hour --hashlimit-burst 16 \
>	--hashlimit-mode srcip --hashlimit-name ssh \
>	--hashlimit-htable-expire 60000 -j ACCEPT
>
>iptables -I INPUT -p tcp --dport 22 --tcp-flags SYN,RST,ACK SYN \
>	-j DROP

Thank you. Since the simple solution didn't work, I took a chance and
used the second more complex one. The two commands were accepted
without error, and with no other status or output messages. I will now
use manpages and figure out what it is I just did.


Reply to: