Skip to main content

Thread: iptables: --rcheck works like --update


i have written bash script iptables shall secure system:

code:
#!/bin/bash -eu  typeset -a rule  rule[0]='-p forward drop' rule[1]='-p input drop' rule[2]='-a input -i lo -j accept' rule[3]='-a input -j accept -m state --state established' rule[4]='-a input -p tcp --dport 22 -m state --state new -m recent --name ssh --set' rule[5]='-a input -j drop -p tcp --dport 22 -m recent --hitcount 4 --name ssh --rcheck --seconds 60' rule[6]='-a input -j drop -p tcp --dport 22 -m recent --hitcount 16 --name ssh --rcheck --seconds 3600' rule[7]='-a input -j accept -p tcp --dport 22' rule in "${rule[@]}" 	iptables -c ${rule:3} > /dev/null 2>&1 || iptables $rule done
the rules droping incoming connections except ssh. have created rules shall prevent brute force attacks. if ip address connects more 3 times in minute or 15 times in hour blocked time.

problem on every try timestamp updated example: user creates within 5 seconds 3 connections , blocked 1 minute. tries every 20 seconds create new connection every attempt update timestamp. means after few days couldn't create successfull connection.

i'm wondering why every blocked attempt updates timestamp. thought --update doing this. maybe have explanation that.



Forum The Ubuntu Forum Community Ubuntu Official Flavours Support Networking & Wireless [ubuntu] iptables: --rcheck works like --update


Ubuntu

Comments

Post a Comment

Popular posts from this blog

Thread: Can not create raid array: mdadm: no raid-devices specified.

Image
hello! i'm trying setup software raid on server, fail @ first step: code: root@sandnabba:/root# mdadm -c /dev/md0 -c512 -l5 /dev/sdc1 /dev/sdd1 /dev/sde1 mdadm: no raid-devices specified. what doing wrong!? are sure -c equivalent --create? also, think need space after -c , -l options, value shouldn't command, or should have = between. @ man pages mdadm , double check spelling. Forum The Ubuntu Forum Community Ubuntu Specialised Support Ubuntu Servers, Cloud and Juju Server Platforms [SOLVED] Can not create raid array: mdadm: no raid-devices specified. Ubuntu
Read more

Thread: HOW TO: Package and theme GTK+ / Gtkmm apps in Linux for Windows

hi, if developing platform independent software in linux using gtk+/gtkmm , you've managed cross compile windows, guide you. i'm posting because after researching topic myself, encountered many posts people have abandoned gtk+/gtkmm wxwidgets because of gtks ugly default appearance in windows/wine. gtk+ themeable in windows/wine gnome. have set correctly . . . here's how. guide gtkmm gtk+ similar. (1) firstly, download , install gtkmm windows using wine. (you have if have cross compiled app windows) https://live.gnome.org/gtkmm/mswindows (2) run these commands create proper directory structure. (substitute 'proj' whatever project called) mkdir ~/proj mkdir ~/proj/bin mkdir ~/proj/etc mkdir ~/proj/etc/gtk-2.0 mkdir ~/proj/lib mkdir ~/proj/lib/gtk-2.0 mkdir ~/proj/lib/gtk-2.0/2.10.0 mkdir ~/proj/lib/gtk-2.0/2.10.0/engines mkdir ~/proj/share mkdir ~/proj/share/themes (3) move directory gtkmm installed (probably ~/.wine/drive
Read more

Thread: Twinview issues

hi all, recovered white screen of death having reinstalling nvidia drivers via command line in recovery mode. when rebooted after that, fine, except 1 of monitors not displaying anything. ran sudo nvidia xconfig, created conf file me, issue not resolved. in x server settings, secondary monitor (the 1 not displaying), detected , enabled in twinview, resolution not detected , screen black. if try switching workspaces, little window showing workspaces show second monitor sitting next monitor, same in x server settings. options have resolving this? lot! Forum The Ubuntu Forum Community Ubuntu Official Flavours Support Desktop Environments [ubuntu] Twinview issues Ubuntu
Read more