Script iptables SSHlimit.sh
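#!/bin/sh
#
# Firewall rules to rate-limit incoming SSH connections.
#
# Two rules are installed at the head of the INPUT chain (IPv4, tcp/22):
#   1. DROP a NEW connection when its source address already has at least
#      3 entries in the "recent" list SSH_LIST within the last 60 seconds.
#      --update also refreshes the timestamp on a match, so a client that
#      keeps retrying stays blocked until it has been quiet for 60 seconds.
#   2. Record the source address of every other NEW connection in SSH_LIST.
#
# Usage: $0 {start|stop|status}
# Exit status: 0 on success, 1 on a usage error or when iptables fails.
#
# Caveats for whoever deploys this:
#   - Only IPv4 is covered. If sshd is reachable over IPv6, the same rules
#     have to be installed with ip6tables-legacy as well.
#   - The limit is per source address, so all users behind one NAT address
#     share the same budget. Put an ACCEPT rule for trusted management
#     addresses ahead of these rules if a lockout would be a problem.
#   - The port (22) is hard-coded; adjust it if sshd listens elsewhere.
#   - "-m state" is kept (rather than "-m conntrack --ctstate") so that
#     "stop" still matches rules installed by earlier copies of this script.

PATH=/sbin:/bin:/usr/sbin:/usr/bin
RET_CODE=0
IPT=iptables-legacy

# rule_set ACTION
# Apply ACTION (-I insert, -D delete, -C check) to the rule that records
# the source address of a new SSH connection in SSH_LIST.
rule_set() {
  "$IPT" "$1" INPUT -p tcp --dport 22 -m state --state NEW \
    -m recent --set --name SSH_LIST
}

# rule_drop ACTION
# Apply ACTION (-I insert, -D delete, -C check) to the rule that drops a
# new SSH connection from a source seen 3 times within 60 seconds.
rule_drop() {
  "$IPT" "$1" INPUT -p tcp --dport 22 -m state --state NEW \
    -m recent --update --seconds 60 --hitcount 3 --name SSH_LIST -j DROP
}

# remove_all RULE_FUNCTION
# Delete every copy of a rule. Earlier copies of this script inserted a new
# pair on each "start", so more than one copy may be present.
remove_all() {
  while "$1" -C 2>/dev/null; do
    "$1" -D || return 1
  done
  return 0
}

case "$1" in
  start)
    if rule_set -C 2>/dev/null && rule_drop -C 2>/dev/null; then
      # Both rules are already installed. Inserting them again would make
      # every connection count more than once against the limit.
      :
    else
      # Clear a half-installed pair first so the evaluation order is right.
      remove_all rule_drop || RET_CODE=1
      remove_all rule_set || RET_CODE=1
      # -I inserts at the head of the chain, so the rule inserted last
      # (the DROP check) is evaluated before the --set rule.
      rule_set -I || RET_CODE=1
      rule_drop -I || RET_CODE=1
    fi
    ;;
  stop)
    # Stopping when nothing is installed is not an error.
    remove_all rule_drop || RET_CODE=1
    remove_all rule_set || RET_CODE=1
    ;;
  status)
    "$IPT" -L -n --line-numbers || RET_CODE=1
    ;;
  restart|reload|force-reload)
    echo "Error: argument '$1' not supported" >&2
    RET_CODE=1
    ;;
  *)
    echo "Usage: $0 {start|stop|status}" >&2
    RET_CODE=1
    ;;
esac

exit "${RET_CODE}"
# End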