Menu
▾
▴
[Sshguard-users] sshguard+iptables
|
From: mihkel m. <zeb...@ho...> - 2010-09-21 14:43:45
|
Hello, I use the following raw file method: tail -n0 -f /var/log/auth.log | /usr/local/sbin/sshguard -w /etc/sshguard.wl -a 10 -b 10:/etc/sshguard.bl My iptables default config is iptables -N sshguard iptables -A INPUT -p tcp -i eth0 --dport 80 -j ACCEPT iptables -A INPUT -p tcp -i eth0 --dport 443 -j ACCEPT iptables -A INPUT -p tcp -i eth0 --dport 21 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 22 -j sshguard And my chain policies are: iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT ACCEPT (just for testing purposes) So if I have default policy to DROP everything and if it didn't pass any of my default rules - it will be dropped, right? Until the sshguard chain is empty, I cant access to my ssh server. What could be the solution? If I start the sshguard, will it immediately add whitelist IP-s to sshguard chain. I cant see them, is there something wrong in my logic? Thank you in advance! BR, z |
