/[smeserver]/rpms/e-smith-openssh/sme9/e-smith-openssh-2.4.0-ssh_autoblock.patch
ViewVC logotype

Diff of /rpms/e-smith-openssh/sme9/e-smith-openssh-2.4.0-ssh_autoblock.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.1 by burnat, Fri Apr 4 23:13:07 2014 UTC Revision 1.2 by charliebrady, Sun Apr 6 15:32:23 2014 UTC
# Line 8  Line 8 
8  +    $OUT .=<<"EOF";  +    $OUT .=<<"EOF";
9  +  +
10  +    # Use recent packets match to block SSH from sites generating  +    # Use recent packets match to block SSH from sites generating
11  +    # $abtries connections within $abtime seconds or $abtries2 in $abtime2  +    # $abtries connections within $abtime seconds
12  +    # Check/clear IP block status in /proc/net/ipt_recent/SSH  +    # Check/clear IP block status in /proc/net/ipt_recent/SSH
13  +    /sbin/iptables --new-chain SSH_Autoblock  +    /sbin/iptables --new-chain SSH_Autoblock
14  +    /sbin/iptables --append SSH_Autoblock -m recent --set --name SSH  +    /sbin/iptables --append SSH_Autoblock -m recent --set --name SSH
# Line 46  Line 46 
46  +    /sbin/iptables --replace SSH_Autoblock 2 -m recent --rcheck --rttl \\  +    /sbin/iptables --replace SSH_Autoblock 2 -m recent --rcheck --rttl \\
47  +       --seconds $abtime --hitcount $abtries --name SSH -j denylog  +       --seconds $abtime --hitcount $abtries --name SSH -j denylog
48  +    # Clear SSH_Autoblock site history too  +    # Clear SSH_Autoblock site history too
49  +    echo clear > /proc/net/xt_recent/SSH  +    echo / > /proc/net/xt_recent/SSH
50  +EOF  +EOF
51  +}  +}
52    

Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed