SSH protection for iptables
#!/bin/bash
# base iptables rules
# run by /etc/rc.local
iptables -F INPUT
iptables -Z INPUT
iptables -P INPUT ACCEPT
iptables -F OUTPUT
iptables -Z OUTPUT
iptables -P OUTPUT ACCEPT
iptables -F FORWARD
iptables -Z FORWARD
iptables -P FORWARD ACCEPT
# SSH protection
iptables -A INPUT -p tcp -m state --state NEW --dport 22 -m recent --update --seconds 10 -j DROP
iptables -A INPUT -p tcp -m state --state NEW --dport 22 -m recent --set -j ACCEPT