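--- e-smith-openssh-2.2.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/42CreateSSHAutoblock.orig 2014-03-07 13:19:05.000000000 +1100
+++ e-smith-openssh-2.2.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/42CreateSSHAutoblock 2014-04-04 13:24:36.000000000 +1100
@@ -0,0 +1,15 @@
+{
+ my $abtries = ${'sshd'}{'AutoBlockTries'} || "4";
+ my $abtime = ${'sshd'}{'AutoBlockTime'} || "900";
+
+ $OUT .=<<"EOF";
+
+ # Use recent packets match to block SSH from sites generating
+ # $abtries connections within $abtime seconds
+ # Check/clear IP block status in /proc/net/ipt_recent/SSH
+ /sbin/iptables --new-chain SSH_Autoblock
+ /sbin/iptables --append SSH_Autoblock -m recent --set --name SSH
+ /sbin/iptables --append SSH_Autoblock -m recent --rcheck --rttl \\
+ --seconds $abtime --hitcount $abtries --name SSH -j denylog
+EOF
+}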
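Review bot: `$abtries` and `$abtime` are read from the configuration database and interpolated verbatim into the iptables command at the `--seconds $abtime --hitcount $abtries` line, with only a truthiness fallback, so a non-numeric value makes iptables reject the rule and leaves the SSH_Autoblock chain without its check rule while 90InboundTCP07FilterSSH still jumps to it. Guard both values with an anchored match before the heredoc, e.g. `$abtries = "4" unless $abtries =~ m{\A\d+\z};` and `$abtime = "900" unless $abtime =~ m{\A\d+\z};`; 90adjustSSHAutoblock reads the same two keys and needs the same guard. The comment `# Check/clear IP block status in /proc/net/ipt_recent/SSH` names a path that 90adjustSSHAutoblock in this same patch does not use (it writes to /proc/net/xt_recent/SSH), so the comment should name the xt_recent path to match. The `--set` rule records every packet entering the chain, so the hit count is of new SSH connections from an address rather than of failed logins; stating that in the comment would help operators size AutoBlockTries.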
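--- e-smith-openssh-2.2.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90InboundTCP07FilterSSH.orig 2014-03-07 13:18:57.000000000 +1100
+++ e-smith-openssh-2.2.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90InboundTCP07FilterSSH 2014-04-04 13:24:45.000000000 +1100
@@ -0,0 +1,13 @@
+{
+ my $sshd_autoblock = ${'sshd'}{'AutoBlock'} || "enabled";
+ my $sshd_public = ${'sshd'}{'access'} || "private";
+ my $sshd_port = ${'sshd'}{'TCPPort'} || "22";
+
+ if ($sshd_autoblock eq "enabled" && $sshd_public eq "public" ) {
+ $OUT = " # SSH autoblock enabled - send new SSH connects through recent IPs filter\n";
+ $OUT .= " /sbin/iptables --append \$NEW_InboundTCP --proto tcp --dport $sshd_port \\\n";
+ $OUT .= " -m state --state NEW -j SSH_Autoblock\n"
+ } else {
+ $OUT = " # SSH autoblock disabled or sshd access is private\n";
+ }
+}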
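Review bot: `$sshd_port` is interpolated straight into the `--dport $sshd_port` line of the iptables command with no check that it is a port number, so a malformed sshd TCPPort value yields an iptables invocation that iptables will reject instead of a safe fallback; `$sshd_port = "22" unless $sshd_port =~ m{\A\d+\z};` placed before the `if` keeps the generated script well-formed. The final `$OUT .= " -m state --state NEW -j SSH_Autoblock\n"` statement has no terminating semicolon; it parses only because it is the last statement in the block, and adding `;` keeps the three assignments uniform and survives a later insertion after it.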
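--- e-smith-openssh-2.2.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustSSHAutoblock.orig 2014-03-02 12:58:57.210293210 +1100
+++ e-smith-openssh-2.2.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustSSHAutoblock 2014-04-04 13:24:18.000000000 +1100
@@ -0,0 +1,12 @@
+{
+ my $abtries = ${'sshd'}{'AutoBlockTries'} || "4";
+ my $abtime = ${'sshd'}{'AutoBlockTime'} || "900";
+
+ $OUT .=<<"EOF";
+
+ /sbin/iptables --replace SSH_Autoblock 2 -m recent --rcheck --rttl \\
+ --seconds $abtime --hitcount $abtries --name SSH -j denylog
+ # Clear SSH_Autoblock site history too
+ echo / > /proc/net/xt_recent/SSH
+EOF
+}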
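Review bot: `--replace SSH_Autoblock 2` hard-codes the rule position and so silently depends on 42CreateSSHAutoblock having appended exactly two rules to that chain with the `--rcheck` rule second; if that template is ever reordered or gains a rule, the replace overwrites the `--set` rule and blocking stops without any error. A comment on that line, e.g. `# rule 2 is the --rcheck rule appended by 42CreateSSHAutoblock; keep both templates in step`, makes the coupling explicit. The `echo / > /proc/net/xt_recent/SSH` line presumably flushes the tracked-address list when settings are re-applied; if the xt_recent module is not loaded the redirect fails in the shell, and a comment should say whether that failure is expected to be benign. The `$abtries`/`$abtime` values here need the same anchored numeric guard raised on 42CreateSSHAutoblock, since they are interpolated into the same kind of iptables line.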
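--- e-smith-openssh-2.2.0/root/etc/e-smith/db/configuration/defaults/sshd/AutoBlock.orig 2014-03-19 14:02:47.000000000 +1100
+++ e-smith-openssh-2.2.0/root/etc/e-smith/db/configuration/defaults/sshd/AutoBlock 2014-04-04 13:24:41.000000000 +1100
@@ -0,0 +1 @@
+enabled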
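--- e-smith-openssh-2.2.0/root/etc/e-smith/db/configuration/defaults/sshd/AutoBlockTries.orig 2014-03-19 14:02:47.000000000 +1100
+++ e-smith-openssh-2.2.0/root/etc/e-smith/db/configuration/defaults/sshd/AutoBlockTries 2014-04-04 13:24:47.000000000 +1100
@@ -0,0 +1 @@
+4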
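--- e-smith-openssh-2.2.0/root/etc/e-smith/db/configuration/defaults/sshd/AutoBlockTime.orig 2014-03-19 14:02:47.000000000 +1100
+++ e-smith-openssh-2.2.0/root/etc/e-smith/db/configuration/defaults/sshd/AutoBlockTime 2014-04-04 13:24:52.000000000 +1100
@@ -0,0 +1 @@
+900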