1
0
Fork 0

Manual backup: 2023-04-10 19:04:27

This commit is contained in:
Alexander Schäferdiek 2023-04-10 19:04:27 +02:00
parent 5b7bce859c
commit dc9eb77276
3 changed files with 6 additions and 8 deletions

View file

@ -4,11 +4,11 @@
"type": "split", "type": "split",
"children": [ "children": [
{ {
"id": "48eb66e7fecab528", "id": "f7331c4ec62394bd",
"type": "tabs", "type": "tabs",
"children": [ "children": [
{ {
"id": "80a5e56ba431d89b", "id": "08d8ac249a3aeba9",
"type": "leaf", "type": "leaf",
"state": { "state": {
"type": "empty", "type": "empty",
@ -120,12 +120,12 @@
"templater-obsidian:Templater": false "templater-obsidian:Templater": false
} }
}, },
"active": "80a5e56ba431d89b", "active": "08d8ac249a3aeba9",
"lastOpenFiles": [ "lastOpenFiles": [
"KB/Linux/Server/SSH Guard.md",
"KB/Linux/Server/Bootstrap.md", "KB/Linux/Server/Bootstrap.md",
"KB/Linux/Server/DNS.md", "KB/Linux/Server/DNS.md",
"KB/Linux/Server/Docker Volume Migration.md", "KB/Linux/Server/Docker Volume Migration.md",
"KB/Linux/Server/SSH Guard.md",
"KB/Linux/Desktop/Firewall.md", "KB/Linux/Desktop/Firewall.md",
"KB/Linux/Server/Hetzner/Storagebox.md", "KB/Linux/Server/Hetzner/Storagebox.md",
"KB/Linux/Server/Hetzner/Upgrades.md", "KB/Linux/Server/Hetzner/Upgrades.md",

View file

@ -27,16 +27,16 @@ If you have a more complex setup and use `docker`, you probably want a `FILTERS`
[sshguard on wiki.archlinux.org](https://wiki.archlinux.org/index.php/Sshguard#iptables). [sshguard on wiki.archlinux.org](https://wiki.archlinux.org/index.php/Sshguard#iptables).
Use this or have rules defined inside `/etc/iptables/{iptables,ip6tables}.rules` for IPv4 or IPv6.
```shell ```shell
# IPv4 # IPv4
iptables -N sshguard iptables -N sshguard
iptables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard iptables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard
iptables-save > /etc/iptables/iptables.rules
# IPv6 # IPv6
ip6tables -N sshguard ip6tables -N sshguard
ip6tables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard ip6tables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard
ip6tables-save > /etc/iptables/ip6tables.rules
``` ```
Start with `systemctl enable --now sshguard` or restart afterwards with `systemctl restart sshguard` to apply or `ExecStartPre=` above in sshguard's systemd file. Start with `systemctl enable --now sshguard` or restart afterwards with `systemctl restart sshguard` to apply or `ExecStartPre=` above in sshguard's systemd file.

View file

@ -5,11 +5,9 @@ echo "Applying iptables rules for sshguard";
# IPv4 # IPv4
iptables -N sshguard; iptables -N sshguard;
iptables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard; iptables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard;
iptables-save > /etc/iptables/iptables.rules;
# IPv6 # IPv6
ip6tables -N sshguard; ip6tables -N sshguard;
ip6tables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard; ip6tables -A INPUT -m multiport -p tcp --destination-ports 22,2222 -j sshguard;
ip6tables-save > /etc/iptables/ip6tables.rules;
systemctl restart sshguard; systemctl restart sshguard;