Created
May 28, 2018 07:20
-
-
Save whiler/e20ba1017282649f04366be021590153 to your computer and use it in GitHub Desktop.
ping before ssh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| iptables --table filter --append INPUT --match conntrack --ctstate ESTABLISHED,RELATED --match comment --comment "Allow established and related connections" --jump ACCEPT | |
| iptables --table filter --append INPUT --protocol icmp --icmp-type echo-request --match length --length 84 --match recent --set --name openSSH --rsource --match comment --comment "ping before ssh" --jump LOG --log-prefix "OpenDoor SSH: " --log-level 7 | |
| iptables --table filter --append INPUT --protocol tcp --dport ssh --syn --match recent ! --rcheck --seconds 30 --name openSSH --rsource --match comment --comment "Drop SSH connection not pinged recently" --jump DROP |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment