Reply To: Unable to block address from trying to access my SSH server


#53810

redfive
Participant

If you need ssh access from your wan interface (otherwise, you may simply play with the ssh tab), you may take a look at your SYS_SSH chain

root@captive ~> iptables -L SYS_SSH -v
Chain SYS_SSH (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo any anywhere anywhere
0 0 ACCEPT all -- any any 192.168.0.0/24 anywhere
485 38144 ACCEPT all -- ETH02 any anywhere anywhere
78 5908 ACCEPT all -- ETH01 any anywhere anywhere
0 0 DROP all -- any any anywhere anywhere

Then add a line for each CIDR you want to block, e.g. with 50.0.0.0/8

root@captive ~> iptables -I SYS_SSH -s 50.0.0.0/8 -j DROP

Let's now look at the ssh chain

root@captive ~> iptables -L SYS_SSH -v
Chain SYS_SSH (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- any any 50-0-0-0.static.sonic.net/8 anywhere
0 0 ACCEPT all -- lo any anywhere anywhere
0 0 ACCEPT all -- any any 192.168.0.0/24 anywhere
579 44556 ACCEPT all -- ETH02 any anywhere anywhere
78 5908 ACCEPT all -- ETH01 any anywhere anywhere
0 0 DROP all -- any any anywhere anywhere

Remember, -I (--insert) will always add the rule at the top of the chain, so if you add 4 rules, the 4th will be the 1st, the 3rd the 2nd and so on. You may add the rules in the post-boot script.
Regards
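
Added example, not part of the original reply: one way to write the post-boot script so the DROP rules land at the top of SYS_SSH in list order and are not duplicated on a rerun. The function names and the two extra CIDRs are constructed for illustration, and it assumes the installed iptables supports `-C`.

```shell
#!/bin/sh
# Added example for a post-boot script; not from the original post.
# SYS_SSH is the chain shown above. The CIDR list is a constructed sample.
CHAIN="SYS_SSH"
BLOCKLIST="50.0.0.0/8 198.51.100.0/24 203.0.113.0/24"

# Return 0 only for a well-formed IPv4 CIDR, so a typo or stray shell
# character never reaches the generated command line.
valid_cidr() {
    case "$1" in *[!0-9./]*) return 1 ;; esac
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$' || return 1
    for octet in $(echo "${1%/*}" | tr '.' ' '); do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print one iptables command per valid CIDR. An explicit rule number after
# -I keeps the list order (first entry becomes rule 1) instead of reversing
# it, and -C skips a rule that already exists so reruns add no duplicates.
# Support for -C in the installed iptables is an assumption.
gen_rules() {
    pos=1
    for cidr in "$@"; do
        if ! valid_cidr "$cidr"; then
            echo "skipping invalid CIDR: $cidr" >&2
            continue
        fi
        spec="-s $cidr -j DROP"
        echo "iptables -C $CHAIN $spec 2>/dev/null || iptables -I $CHAIN $pos $spec"
        pos=$((pos + 1))
    done
}

# Default is a dry run that only prints the commands; pass "apply" as the
# first argument to execute them (needs root).
if [ "${1:-}" = "apply" ]; then
    gen_rules $BLOCKLIST | sh
else
    gen_rules $BLOCKLIST
fi
```

Run it once without arguments to review the generated commands, then check the result with `iptables -L SYS_SSH -v -n`; `-n` keeps the source column numeric instead of showing a reverse-DNS name.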