
Re: DenyHosts



	Hi.

On Sat, 16 Jan 2016 13:01:29 -0500
Steve Matzura <sm@noisynotes.com> wrote:

> I tried redoing the tables:
> 
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> -A INPUT -p tcp -m tcp --dport 22 --tcp-flags SYN,RST,ACK SYN -j DROP
> -A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -m hashlimit --hashlimit-upto 1/hour --hashlimit-burst 16 --hashlimit-mode srcip --hashlimit-name ssh --hashlimit-htable-expire 60000 -j ACCEPT
> COMMIT
> 
> This list looks a lot cleaner, and the first thing on it is to accept
> everything. But still I cannot connect, even after restarting the sshd
> service.

Reverse the order of these two rules. As I wrote in another part of this
thread, I mistook the rules' sequence.
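
Why the order matters, as an added example that is not part of the original message: a small Python model of first-match evaluation for the two quoted port-22 rules. The token bucket is a simplification of hashlimit (it ignores --hashlimit-htable-expire), and the source address 192.0.2.10 and all function names are constructed for illustration.

```python
# Constructed model of the two quoted port-22 rules; not iptables itself.
BURST = 16             # --hashlimit-burst 16
REFILL_SECONDS = 3600  # --hashlimit-upto 1/hour

class HashLimit:
    """Simplified per-source token bucket (assumption: no htable expiry)."""
    def __init__(self):
        self.buckets = {}  # source IP -> (tokens left, time last seen)

    def allow(self, src, now):
        tokens, last = self.buckets.get(src, (BURST, now))
        tokens = min(BURST, tokens + (now - last) / REFILL_SECONDS)
        ok = tokens >= 1
        self.buckets[src] = (tokens - 1 if ok else tokens, now)
        return ok

def is_syn(pkt):
    # --tcp-flags SYN,RST,ACK SYN: of those three flags, only SYN is set
    return pkt["dport"] == 22 and pkt["flags"] & {"SYN", "RST", "ACK"} == {"SYN"}

def make_rules(limiter):
    def accept_match(pkt, now):
        # The limiter is consulted only if the earlier matches succeeded.
        return (pkt["dport"] == 22 and pkt["ctstate"] == "NEW"
                and limiter.allow(pkt["src"], now))
    drop_syn = ("DROP", lambda pkt, now: is_syn(pkt))
    accept_new = ("ACCEPT", accept_match)
    return drop_syn, accept_new

def verdict(rules, pkt, now, policy="ACCEPT"):
    # First rule whose matches all succeed decides; otherwise chain policy.
    for target, match in rules:
        if match(pkt, now):
            return target
    return policy

def simulate(order, attempts, interval=1):
    """Verdicts for repeated SSH connection attempts from one source."""
    drop_syn, accept_new = make_rules(HashLimit())
    rules = [drop_syn, accept_new] if order == "as_posted" else [accept_new, drop_syn]
    syn = {"src": "192.0.2.10", "dport": 22, "flags": {"SYN"}, "ctstate": "NEW"}
    return [verdict(rules, syn, t * interval) for t in range(attempts)]

if __name__ == "__main__":
    print("as posted:", simulate("as_posted", 20))
    print("reversed: ", simulate("reversed", 20))
```

In the posted order every SYN hits the DROP rule before the hashlimit rule is ever evaluated; reversed, the DROP rule only catches attempts that exceed the per-source limit.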

