Re: DenyHosts

To: debian <debian-user@lists.debian.org>
Subject: Re: DenyHosts
From: Steve Matzura <sm@noisynotes.com>
Date: Fri, 15 Jan 2016 23:59:02 -0500
Message-id: <[🔎] g2jj9b57figgdio2r0e2jb1hksp0dkk4om@4ax.com>
In-reply-to: <[🔎] 20160116015538.0d9f3ac269af947e278d7696@gmail.com>
References: <[🔎] vapi9b9ifknfu2rdddiu2lq35nqrdqmqop@4ax.com> <[🔎] 20160116015538.0d9f3ac269af947e278d7696@gmail.com>

On Sat, 16 Jan 2016 01:55:38 +0300, Reco wrote:

>A complex one:
>
>iptables -I INPUT -p tcp --dport 22 -m conntrack --ctstate NEW \
>	-m hashlimit --hashlimit 1/hour --hashlimit-burst 16 \
>	--hashlimit-mode srcip --hashlimit-name ssh \
>	--hashlimit-htable-expire 60000 -j ACCEPT
>
>iptables -I INPUT -p tcp --dport 22 --tcp-flags SYN,RST,ACK SYN \
>	-j DROP

Thank you. Since the simple solution didn't work, I took a chance and
used the second more complex one. The two commands were accepted
without error, and with no other status or output messages. I will now
use manpages and figure out what it is I just did.

Reply to:

References:
- DenyHosts
  - From: Steve Matzura <sm@noisynotes.com>
- Re: DenyHosts
  - From: Reco <recoverym4n@gmail.com>

Prev by Date: Re: DenyHosts
Next by Date: Re: DenyHosts
Previous by thread: Re: DenyHosts
Next by thread: Re: DenyHosts
Index(es):
- Date
- Thread