Menu
▾
▴
Re: [SSHGuard-users] Blocked attackers can still access docker containers
|
From: <gi1...@gm...> - 2019-11-01 02:40:18
|
On Thu, Oct 31, 2019 at 05:46:40PM +0100, Christopher Engelhard wrote: > You could try: > 1) changing the blacklist chain to 'hook prerouting' instead of 'hook > input', with a higher priority than that of chain PREROURTING, i.e. > block the traffic before it even reaches the NAT chain. This should > make sshguard block both container- and host-destined traffic. Thank you so much! This worked. When I blindly increased the priority last time I didn't realize it was on a different chain. I hope it doesn't cause trouble with other things to switch that hook. Do you know why sshguard doesn't hook prerouting by default? GI -- The path to inner peace starts with three words: "Not My Business." |
