Manual backup: 2023-04-10 19:04:27
This commit is contained in:
parent
5b7bce859c
commit
dc9eb77276
3 changed files with 6 additions and 8 deletions
8
.obsidian/workspace.json
vendored
8
.obsidian/workspace.json
vendored
|
|
@ -4,11 +4,11 @@
|
||||||
"type": "split",
|
"type": "split",
|
||||||
"children": [
|
"children": [
|
||||||
{
|
{
|
||||||
"id": "48eb66e7fecab528",
|
"id": "f7331c4ec62394bd",
|
||||||
"type": "tabs",
|
"type": "tabs",
|
||||||
"children": [
|
"children": [
|
||||||
{
|
{
|
||||||
"id": "80a5e56ba431d89b",
|
"id": "08d8ac249a3aeba9",
|
||||||
"type": "leaf",
|
"type": "leaf",
|
||||||
"state": {
|
"state": {
|
||||||
"type": "empty",
|
"type": "empty",
|
||||||
|
|
@ -120,12 +120,12 @@
|
||||||
"templater-obsidian:Templater": false
|
"templater-obsidian:Templater": false
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"active": "80a5e56ba431d89b",
|
"active": "08d8ac249a3aeba9",
|
||||||
"lastOpenFiles": [
|
"lastOpenFiles": [
|
||||||
|
"KB/Linux/Server/SSH Guard.md",
|
||||||
"KB/Linux/Server/Bootstrap.md",
|
"KB/Linux/Server/Bootstrap.md",
|
||||||
"KB/Linux/Server/DNS.md",
|
"KB/Linux/Server/DNS.md",
|
||||||
"KB/Linux/Server/Docker Volume Migration.md",
|
"KB/Linux/Server/Docker Volume Migration.md",
|
||||||
"KB/Linux/Server/SSH Guard.md",
|
|
||||||
"KB/Linux/Desktop/Firewall.md",
|
"KB/Linux/Desktop/Firewall.md",
|
||||||
"KB/Linux/Server/Hetzner/Storagebox.md",
|
"KB/Linux/Server/Hetzner/Storagebox.md",
|
||||||
"KB/Linux/Server/Hetzner/Upgrades.md",
|
"KB/Linux/Server/Hetzner/Upgrades.md",
|
||||||
|
|
|
||||||
|
|
@ -27,16 +27,16 @@ If you have a more complex setup and use `docker`, you probably want a `FILTERS`
|
||||||
|
|
||||||
[sshguard on wiki.archlinux.org](https://wiki.archlinux.org/index.php/Sshguard#iptables).
|
[sshguard on wiki.archlinux.org](https://wiki.archlinux.org/index.php/Sshguard#iptables).
|
||||||
|
|
||||||
|
Use this or have rules defined inside `/etc/iptables/{iptables,ip6tables}.rules` for IPv4 or IPv6.
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
# IPv4
|
# IPv4
|
||||||
iptables -N sshguard
|
iptables -N sshguard
|
||||||
iptables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard
|
iptables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard
|
||||||
iptables-save > /etc/iptables/iptables.rules
|
|
||||||
|
|
||||||
# IPv6
|
# IPv6
|
||||||
ip6tables -N sshguard
|
ip6tables -N sshguard
|
||||||
ip6tables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard
|
ip6tables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard
|
||||||
ip6tables-save > /etc/iptables/ip6tables.rules
|
|
||||||
```
|
```
|
||||||
|
|
||||||
Start with `systemctl enable --now sshguard` or restart afterwards with `systemctl restart sshguard` to apply or `ExecStartPre=` above in sshguard's systemd file.
|
Start with `systemctl enable --now sshguard` or restart afterwards with `systemctl restart sshguard` to apply or `ExecStartPre=` above in sshguard's systemd file.
|
||||||
|
|
|
||||||
|
|
@ -5,11 +5,9 @@ echo "Applying iptables rules for sshguard";
|
||||||
# IPv4
|
# IPv4
|
||||||
iptables -N sshguard;
|
iptables -N sshguard;
|
||||||
iptables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard;
|
iptables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard;
|
||||||
iptables-save > /etc/iptables/iptables.rules;
|
|
||||||
|
|
||||||
# IPv6
|
# IPv6
|
||||||
ip6tables -N sshguard;
|
ip6tables -N sshguard;
|
||||||
ip6tables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard;
|
ip6tables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard;
|
||||||
ip6tables-save > /etc/iptables/ip6tables.rules;
|
|
||||||
|
|
||||||
systemctl restart sshguard;
|
systemctl restart sshguard;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue