sslug-teknik team mailing list archive

Thread
Date

Re: Hvordan blokerer jeg adgang til sshd

To: sslug-teknik@xxxxxxxx
From: "Mogens Melander" <mogens@xxxxxxxxxxxxx>
Date: Mon, 2 Jul 2007 22:15:45 +0200 (CEST)
Delivered-to: mailing list sslug-teknik@xxxxxxxx
Importance: Normal
In-reply-to: <2094.90.184.17.152.1183404536.squirrel@mail.fumlersoft.dk>
Mailing-list: contact sslug-teknik-help@xxxxxxxx; run by ezmlm
User-agent: SquirrelMail/1.4.8

On Mon, July 2, 2007 21:28, Mogens Melander wrote:
>
> On Tue, July 3, 2007 03:57, Hans Ole wrote:
>> Jeg vil kun tillade login fra visse ipnumre, et fast og et range.
>> Hvordan og hvor g?r jeg det?
> Du skulle/burde have et firewall script i din boot sequence der bla.
> indeholder:
>
> # Set default policies
> iptables -P INPUT DROP
> iptables -P FORWARD DROP
> iptables -P OUTPUT ACCEPT
>
>
> Følgende kan indsættes tidligt i scriptet, efter 'set default'
>

inputinterface="eth0"
segment="192.168.0.0/24"
ipaddr="192.168.1.1"

Øv, jeg glemte lige noget :^/

  iptables -I INPUT -i $inputinterface --dport ssh -s $segment -j ACCEPT
  iptables -I INPUT -i $inputinterface --dport ssh -s $ipaddr -j ACCEPT
# dobbelt ( drop er default)
  iptables -A INPUT -i $inputinterface --dport ssh -j DROP


-- 
Later

Mogens Melander
+45 40 85 71 38
+66 870 133 224



-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

References

Hvordan blokerer jeg adgang til sshd
From: Hans Ole, 2007-07-02
Re: Hvordan blokerer jeg adgang til sshd
From: Mogens Melander, 2007-07-02