[PATCH] Increase SSH Connection Limit
Tim Niemeyer
tim at tn-x.org
So Okt 30 13:05:50 CET 2016
Am Samstag, den 29.10.2016, 21:15 +0200 schrieb mayosemmel:
> Reviewed-by: Jan Kraus <mayosemmel at gmail.com>
Von mir auch.
Und applied.
Tim
>
> Am Donnerstag, den 27.10.2016, 13:50 +0200 schrieb Christian Dresel:
> > Signed-off-by: Christian Dresel <fff at chrisi01.de>
> > ---
> > src/packages/fff/fff-firewall/Makefile | 2 +-
> > src/packages/fff/fff-firewall/files/usr/lib/firewall.d/20-filter-ssh | 4 ++--
> > 2 files changed, 3 insertions(+), 3 deletions(-)
> >
> > diff --git a/src/packages/fff/fff-firewall/Makefile b/src/packages/fff/fff-firewall/Makefile
> > index 80d562f..5f6751c 100644
> > --- a/src/packages/fff/fff-firewall/Makefile
> > +++ b/src/packages/fff/fff-firewall/Makefile
> > @@ -1,7 +1,7 @@
> > include $(TOPDIR)/rules.mk
> >
> > PKG_NAME:=fff-firewall
> > -PKG_VERSION:=1
> > +PKG_VERSION:=2
> > PKG_RELEASE:=1
> >
> > PKG_BUILD_DIR:=$(BUILD_DIR)/fff-firewall
> > diff --git a/src/packages/fff/fff-firewall/files/usr/lib/firewall.d/20-filter-ssh b/src/packages/fff/fff-firewall/files/usr/lib/firewall.d/20-filter-ssh
> > index 7fd4e30..d5cc07a 100644
> > --- a/src/packages/fff/fff-firewall/files/usr/lib/firewall.d/20-filter-ssh
> > +++ b/src/packages/fff/fff-firewall/files/usr/lib/firewall.d/20-filter-ssh
> > @@ -2,6 +2,6 @@
> > iptables -A INPUT -i $IF_WAN -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
> > iptables -A INPUT -i $IF_WAN -j REJECT
> >
> > -# Limit ssh to 3 new connections per 60 seconds
> > +# Limit ssh to 6 new connections per 60 seconds
> > /usr/sbin/ip6tables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name dropbear
> > -/usr/sbin/ip6tables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 3 --rttl --name dropbear -j DROP
> > +/usr/sbin/ip6tables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 6 --rttl --name dropbear -j DROP
> > --
> > 2.1.4
> >
>
> --
> franken-dev mailing list
> franken-dev at freifunk.net
> http://lists.freifunk.net/mailman/listinfo/franken-dev-freifunk.net
-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde abgetrennt...
Dateiname : signature.asc
Dateityp : application/pgp-signature
Dateigröße : 473 bytes
Beschreibung: This is a digitally signed message part
URL : <http://lists.freifunk.net/pipermail/franken-dev-freifunk.net/attachments/20161030/2e6b0e3e/attachment.sig>
Mehr Informationen über die Mailingliste franken-dev