Re: DenyHosts
On Sat, 16 Jan 2016 01:55:38 +0300, Reco wrote:
>A complex one:
>
>iptables -I INPUT -p tcp --dport 22 -m conntrack --ctstate NEW \
> -m hashlimit --hashlimit 1/hour --hashlimit-burst 16 \
> --hashlimit-mode srcip --hashlimit-name ssh \
> --hashlimit-htable-expire 60000 -j ACCEPT
>
>iptables -I INPUT -p tcp --dport 22 --tcp-flags SYN,RST,ACK SYN \
> -j DROP
Thank you. Since the simple solution didn't work, I took a chance and
used the second more complex one. The two commands were accepted
without error, and with no other status or output messages. I will now
use manpages and figure out what it is I just did.
Reply to: