SSH protection for iptables

2/15/2015 - 9:08 AM

SSH protection for iptables

#!/bin/bash

# base iptables rules
# run by /etc/rc.local

iptables -F INPUT
iptables -Z INPUT
iptables -P INPUT ACCEPT

iptables -F OUTPUT
iptables -Z OUTPUT
iptables -P OUTPUT ACCEPT

iptables -F FORWARD
iptables -Z FORWARD
iptables -P FORWARD ACCEPT

# SSH protection
iptables -A INPUT -p tcp -m state --state NEW --dport 22 -m recent --update --seconds 10 -j DROP
iptables -A INPUT -p tcp -m state --state NEW --dport 22 -m recent --set -j ACCEPT

Cacher is the code snippet organizer for pro developers

We empower you and your team to get more done, faster

SSH protection for iptables