#!/bin/bash # SSH erlauben - aber vor bruteforce schützen iptables -N SSH-BruteForce iptables -N SSH-Whitelist iptables -A SSH-BruteForce -p tcp --dport 22 -m state --state NEW -m recent --set --name ssh iptables -A SSH-BruteForce -p tcp --dport 22 -m state --state NEW -j SSH-Whitelist iptables -A SSH-BruteForce -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 600 --hitcount 4 --rttl --name ssh -j DROP iptables -I INPUT -j SSH-BruteForce #whitelist iptables -A SSH-Whitelist -s 10.42.0.12 -m recent --remove --name ssh -j ACCEPT exit 0