• neat stuff....

    From Janis Kracht@1:261/38 to All on Sunday, November 15, 2015 05:41:22
    This is nothing shocking for Ubuntu for me it was tonight :)

    Instead of fighting with understanding where ShoreWall was going, I just used IPTables to kill idiot spammers on my telnet port on my linux box:

    sudo iptables -I INPUT -p tcp --dport 23 -i eth0 -m state --state NEW -m recent --set

    sudo iptables -I INPUT -p tcp --dport 23 -i eth0 -m state --state NEW -m recent --update --seconds 30 --hitcount 2 -j DROP

    All of a sudden idiots cannot connect here after 30 seconds <g>

    --- BBBS/Li6 v4.10 Dada-2
    * Origin: Prism bbs (1:261/38)
  • From Benny Pedersen@2:230/0 to Janis Kracht on Friday, February 19, 2016 15:41:34
    Hello Janis!

    15 Nov 2015 05:41, Janis Kracht wrote to All:

    This is nothing shocking for Ubuntu for me it was tonight :)

    haha, try funtoo

    Instead of fighting with understanding where ShoreWall was going, I
    just used IPTables to kill idiot spammers on my telnet port on my
    linux box:

    sudo shorewall --version

    sudo iptables -I INPUT -p tcp --dport 23 -i eth0 -m state --state NEW
    -m recent --set

    imho invalid

    sudo iptables -I INPUT -p tcp --dport 23 -i eth0 -m state --state NEW
    -m recent --update --seconds 30 --hitcount 2 -j DROP

    you have fun touching kernel space as a sudo (l)user ? :=)

    All of a sudden idiots cannot connect here after 30 seconds <g>

    indeed, just remember i say i would like to help you with shorewall ?


    Regards Benny

    ... there can only be one way of life, and it works :)

    --- Msged/LNX 6.2.0 (Linux/4.4.0-gentoo (i686))
    * Origin: openvpn on its way here (2:230/0)
  • From Janis Kracht@1:261/38 to Benny Pedersen on Friday, February 19, 2016 13:25:56
    Hi Benny,

    sudo iptables -I INPUT -p tcp --dport 23 -i eth0 -m state --state NEW
    -m recent --set

    imho invalid

    That's the first step. That step must be followed by #2 below. How do you think Shorewall works? It sets the same type commands as these two with Python scripts <g>

    sudo iptables -I INPUT -p tcp --dport 23 -i eth0 -m state --state NEW
    -m recent --update --seconds 30 --hitcount 2 -j DROP

    All of a sudden idiots cannot connect here after 30 seconds <g>

    indeed, just remember i say i would like to help you with shorewall ?

    Not needed, and not wanted here. I can control it all by setting the dport, and seconds after their initial connect.

    Most people don't understand Iptables. It's not hard to work with when you understand it.

    Here is what I'm using now, works great:

    Step 1:
    sudo iptables -I INPUT -p tcp --dport 23 -i eth0 -m state --state NEW -m recent --set

    Step 2:
    sudo iptables -I INPUT -p tcp --dport 23 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP

    I use the same commands for port 8080 btw.

    These commands will flush your iptables firewall, and remove all currently active rules when you want to change the settings.

    iptables -F
    iptables -X

    Take care,
    Janis

    --- BBBS/Li6 v4.10 Dada-2
    * Origin: Prism bbs (1:261/38)
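
Added example, not part of any post in this thread: a simplified Python model of the two `recent` rules discussed above, showing which NEW connections from one source are dropped for a given `--seconds`/`--hitcount`. It assumes the documented `--set`/`--update` semantics; the source address is constructed, and `simulate` and its `drop_rule_first` flag are hypothetical names used to compare the order that two `-I INPUT` commands produce (DROP rule checked first) with the reverse order.

```python
from collections import defaultdict


class RecentList:
    """Simplified model of one xt_recent address list (an assumption, not kernel code)."""

    def __init__(self):
        self.stamps = defaultdict(list)  # source address -> recorded timestamps

    def set(self, src, now):
        # --set: record the packet's timestamp; this rule always matches
        self.stamps[src].append(now)
        return True

    def update(self, src, now, seconds, hitcount):
        # --update --seconds S --hitcount H: match when at least H recorded
        # timestamps fall within the last S seconds; only a match is recorded
        hits = sum(1 for t in self.stamps.get(src, ()) if now - t <= seconds)
        if hits >= hitcount:
            self.stamps[src].append(now)
            return True
        return False


def simulate(times, seconds, hitcount, drop_rule_first=True, src="203.0.113.7"):
    """Return ACCEPT/DROP for NEW connections from one (constructed) source.

    drop_rule_first=True models two `iptables -I INPUT` commands: the rule
    inserted second (--update ... -j DROP) lands on top and is checked first.
    """
    recent, verdicts = RecentList(), []
    for now in times:
        if drop_rule_first:
            dropped = recent.update(src, now, seconds, hitcount)
            if not dropped:
                recent.set(src, now)  # --set rule has no target: packet falls through
        else:
            recent.set(src, now)
            dropped = recent.update(src, now, seconds, hitcount)
        verdicts.append("DROP" if dropped else "ACCEPT")
    return verdicts


if __name__ == "__main__":
    attempts = [0, 5, 10, 20, 45, 80]  # constructed connection times, in seconds
    print(simulate(attempts, seconds=30, hitcount=2))
    print(simulate(attempts, seconds=30, hitcount=2, drop_rule_first=False))
    print(simulate([0, 1, 2, 3, 4, 5], seconds=60, hitcount=4))
```

In this model the `-I` ordering lets `--hitcount` connections through before the next one is dropped, while checking the `--set` rule first counts the current packet and drops one connection earlier.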