Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
blocking ssh from 10.0.0*
- Thread starter haneo
- Start date
Here is a solution
iptables -A INPUT -s ip_address_to_block --dport 22 -j DROP
iptables -A FORWARD -s ip_address_to_block --dport 22 -j DROP
service iptables save
I know that there is a way of doing this directly from SSH config files like known_hosts or something similar. If I find if I will post it.
In the meantime iptables should do.
Bye
Qatqat
The reason why my girlfriend can read my thoughts is because mine are properly written! (G.Lepore)
iptables -A INPUT -s ip_address_to_block --dport 22 -j DROP
iptables -A FORWARD -s ip_address_to_block --dport 22 -j DROP
service iptables save
I know that there is a way of doing this directly from SSH config files like known_hosts or something similar. If I find if I will post it.
In the meantime iptables should do.
Bye
Qatqat
The reason why my girlfriend can read my thoughts is because mine are properly written! (G.Lepore)
Hoops, I forgot something...
iptables -A INPUT -j DROP -s ip_to_block/subnet -p tcp --dport 22
and the same for the FORWARD chain.
If you don't specify the protocol then you can't use --dport.
Bye
Qatqat
The reason why my girlfriend can read my thoughts is because mine are properly written! (G.Lepore)
iptables -A INPUT -j DROP -s ip_to_block/subnet -p tcp --dport 22
and the same for the FORWARD chain.
If you don't specify the protocol then you can't use --dport.
Bye
Qatqat
The reason why my girlfriend can read my thoughts is because mine are properly written! (G.Lepore)
- Status
Similar threads
- Locked
- Question