iptables -m recent conflicting
Running Ubuntu 8.04.
I'm using the recent module in two different chains, SSH_PROTECT and FTP_PROTECT. What I want is for an IP to be allowed to make a new connection to SSH port 22 once every 60 seconds and FTP port 21 once every 30 seconds.
iptables -N SSH_PROTECT
iptables -A SSH_PROTECT -m recent --set
iptables -A SSH_PROTECT -m recent --update --seconds 60 --hitcount 2 -j DROP
iptables -A SSH_PROTECT -j DROP
iptables -N FTP_PROTECT
iptables -A FTP_PROTECT -m recent --set
iptables -A FTP_PROTECT -m recent --update --seconds 30 --hitcount 2 -j DROP
iptables -A FTP_PROTECT -j DROP
iptables -A INPUT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state NEW -p tcp --dport 22 -j SSH_PROTECT
iptables -A INPUT -m state --state NEW -i eth1 -p tcp --dport 21 -j FTP_PROTECT
iptables -P INPUT DROP
What actually happens is that when an IP makes a new connection to either port 21 or 22, it cannot connect to port 21 for the next 30 seconds or to port 22 for the next 60 seconds.
The recent module is only storing a session per IP. I need it to store a session per IP/port, or one session for each chain it's in. Is this possible?
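The behaviour described above comes from every `-m recent` rule without `--name` sharing the single list called DEFAULT. The script below is an added example, not from this thread: it gives each chain its own list via `--name`, so the SSH and FTP windows keep separate state. It assumes a dry run by default (IPT prints the rules instead of applying them) and ends each chain with ACCEPT so the first connection in a window is admitted.

```shell
#!/bin/sh
# Added example, not from the original post: each protection chain gets its own
# recent-module list via --name, so the SSH and FTP limits keep separate state.
# Assumption: IPT defaults to a dry run that only prints the rules; run with
# IPT=iptables (as root) to apply them.
IPT="${IPT:-echo iptables}"

# protect_chain CHAIN PORT LISTNAME SECONDS [extra INPUT match args]
# Admit one NEW connection per source IP per SECONDS window on PORT; drop the rest.
protect_chain() {
    chain=$1; port=$2; name=$3; secs=$4
    shift 4
    $IPT -N "$chain"
    # Record this source address in the list called LISTNAME. Without --name
    # every rule shares the single list "DEFAULT", which is why the two posted
    # chains interfered with each other.
    $IPT -A "$chain" -m recent --name "$name" --set
    # Two entries inside the window (this packet plus an earlier one): drop.
    $IPT -A "$chain" -m recent --name "$name" --update --seconds "$secs" --hitcount 2 -j DROP
    # The first connection in the window is admitted; the chain has to end in
    # ACCEPT (or RETURN) for any connection to get through at all.
    $IPT -A "$chain" -j ACCEPT
    $IPT -A INPUT -m state --state NEW "$@" -p tcp --dport "$port" -j "$chain"
}

# Self-check: number of '-m recent' rules in a chain that carry the expected list name.
named_rule_count() {
    protect_chain "$1" "$2" "$3" "$4" | grep -c -- "-m recent --name $3 "
}

$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
protect_chain SSH_PROTECT 22 SSH 60
protect_chain FTP_PROTECT 21 FTP 30 -i eth1
$IPT -P INPUT DROP
```

After applying for real, the per-list state can be inspected under /proc/net/xt_recent/SSH and /proc/net/xt_recent/FTP on current kernels, which makes it easy to confirm that a hit on one port no longer appears in the other list.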