From: "J. Bakshi" <joydeep@infoservices.in>
To: netfilter@vger.kernel.org
Subject: How to block particular port based on src IP ?
Date: Tue, 13 Apr 2010 12:21:41 +0530
Message-ID: <4BC4147D.1060802@infoservices.in>
Hello list,
I have these working rule-sets which blocked the IPs trying to ssh more
than 2 per min. And then the matching IPs are blacklisted for a
pre-defined time. Here 180 sec.
```
# Mark new SSH connections arriving faster than 2/min
iptables -A INPUT -p tcp -m hashlimit --hashlimit-above 2/min --hashlimit-burst 2 \
  --hashlimit-name hashlimit -m state --state NEW -m tcp --dport $SSH_PORT -j \
  MARK --set-xmark 0x1/0xffffffff
# Drop everything from sources listed in sshoverflow during the last 180 s
iptables -A INPUT -m recent --rcheck --seconds 180 --name sshoverflow \
  --rsource -j DROP
# List the source of a marked packet in sshoverflow and drop the packet
iptables -A INPUT -m mark --mark 0x1 -m recent --set --name sshoverflow \
  --rsource -j DROP
# Accept the remaining new SSH connections
iptables -A INPUT -p tcp -m state --state NEW --dport $SSH_PORT -j ACCEPT
```
I am trying to make an arrangement that, rather than blocking the IP, only
the access to the ssh port will be blocked from that IP. So the other
services, i.e. imap, apache, will still be accessible from the IP,
excluding ssh. Is it possible?
Please suggest.
Thanks
--
জয়দীপ বক্সী
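
The arrangement asked about in the message above, as an added example that is not part of the original post or the thread: the `--rcheck` rule gains `-p tcp --dport`, so a listed source loses only SSH while the other three rules stay as posted. The function name `ssh_only_blacklist_rules` and its arguments are assumptions; it only prints the rules and applies nothing.

```shell
#!/bin/sh
# Added example (not from the original message). Prints the posted rule set
# with one change: the blacklist check is limited to the SSH port.
# Review the output, then pipe it to sh as root to apply it.

# ssh_only_blacklist_rules PORT [SECONDS]   (hypothetical helper name)
ssh_only_blacklist_rules() {
    port=$1
    secs=${2:-180}

    # Plain decimal only, no leading zero, at most 5 digits: keeps the
    # output safe to pipe into a shell and avoids octal parsing of "022".
    case $port in
        ''|0*|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    case $secs in
        ''|*[!0-9]*) echo "invalid seconds: $secs" >&2; return 1 ;;
    esac
    if [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2
        return 1
    fi

    # Rule 1: unchanged, marks new SSH connections above 2/min.
    # Rule 2: CHANGED, "-p tcp --dport" added, so a listed source is dropped
    #         only on the SSH port (established SSH sessions included);
    #         imap, http and the rest fall through to later rules.
    # Rule 3: unchanged, only marked (SSH) packets ever reach --set.
    # Rule 4: unchanged, accepts the remaining new SSH connections.
    cat <<EOF
iptables -A INPUT -p tcp -m hashlimit --hashlimit-above 2/min --hashlimit-burst 2 --hashlimit-name hashlimit -m state --state NEW -m tcp --dport $port -j MARK --set-xmark 0x1/0xffffffff
iptables -A INPUT -p tcp --dport $port -m recent --rcheck --seconds $secs --name sshoverflow --rsource -j DROP
iptables -A INPUT -m mark --mark 0x1 -m recent --set --name sshoverflow --rsource -j DROP
iptables -A INPUT -p tcp -m state --state NEW --dport $port -j ACCEPT
EOF
}
```

The relative order of the four rules matters and is the same as in the message: the scoped `--rcheck` drop has to sit before the final ACCEPT for the SSH port.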