alexander.schaeferdiek/knowledge-base
1
0
Fork 0
Code Activity

Manual backup: 2023-04-10 19:04:27

Browse source
This commit is contained in:
Alexander Schäferdiek 2023-04-10 19:04:27 +02:00
parent 5b7bce859c
commit dc9eb77276
3 changed files with 6 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
.obsidian/workspace.json vendored
View file

@ -4,11 +4,11 @@
"type": "split",
"children": [
{
"id": "48eb66e7fecab528",
"id": "f7331c4ec62394bd",
"type": "tabs",
"children": [
{
"id": "80a5e56ba431d89b",
"id": "08d8ac249a3aeba9",
"type": "leaf",
"state": {
"type": "empty",
@ -120,12 +120,12 @@
"templater-obsidian:Templater": false
}
},
"active": "80a5e56ba431d89b",
"active": "08d8ac249a3aeba9",
"lastOpenFiles": [
"KB/Linux/Server/SSH Guard.md",
"KB/Linux/Server/Bootstrap.md",
"KB/Linux/Server/DNS.md",
"KB/Linux/Server/Docker Volume Migration.md",
"KB/Linux/Server/SSH Guard.md",
"KB/Linux/Desktop/Firewall.md",
"KB/Linux/Server/Hetzner/Storagebox.md",
"KB/Linux/Server/Hetzner/Upgrades.md",

4
KB/Linux/Server/SSH Guard.md
View file

@ -27,16 +27,16 @@ If you have a more complex setup and use `docker`, you probably want a `FILTERS`
[sshguard on wiki.archlinux.org](https://wiki.archlinux.org/index.php/Sshguard#iptables).
Use this or have rules defined inside `/etc/iptables/{iptables,ip6tables}.rules` for IPv4 or IPv6.
```shell
# IPv4
iptables -N sshguard
iptables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard
iptables-save > /etc/iptables/iptables.rules
# IPv6
ip6tables -N sshguard
ip6tables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard
ip6tables-save > /etc/iptables/ip6tables.rules
```
Start with `systemctl enable --now sshguard` or restart afterwards with `systemctl restart sshguard` to apply or `ExecStartPre=` above in sshguard's systemd file.

2
KB/Linux/Server/sshguard-iptables/sshguard-iptables
View file

@ -5,11 +5,9 @@ echo "Applying iptables rules for sshguard";
# IPv4
iptables -N sshguard;
iptables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard;
iptables-save > /etc/iptables/iptables.rules;
# IPv6
ip6tables -N sshguard;
ip6tables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard;
ip6tables-save > /etc/iptables/ip6tables.rules;
systemctl restart sshguard;