Search
Search

Use iptables to block ssh

user255136 Published at Dev
23
user255136

I have a linux machine (turnkey core 14.2) with two network cards.

eth0 is a public ip, WAN (let's call it 123.123.123.123).

eth1 is my network, LAN.

I would like to block SSH from the WAN with iptables.

I use the command

sudo iptables -A INPUT -p tcp -s 123.123.123.123 --dport 22 -j DROP

If I then write

sudo iptables -L

I get the answer

Chain INPUT (policy ACCEPT)

target   prot opt source            destination

DROP     tcp  --  123.123.123.123   anywhere      tcp dpt:ssh

Problem is that I'm not blocked if I use PuTTY to connect to 123.123.123.123.

Any idea what I'm doing wrong?

sebasth

You are matching traffic by source address (-s option), instead of destination address (-d option), which is why your rule doesn't drop any traffic from other hosts.

You can also match by input interface (instead of address) with -i option. For example to drop all incoming traffic to port 22 for eth0:

iptables -A INPUT -i eth0 -p tcp --dport 22 -j DROP

Collected from the Internet

Please contact [email protected] to delete if infringement.

edited at
0

Comments

0 comments
Login to comment

Related

Trying to use iptables to block all traffic except for SSH and RDP

iptables unable to block local ssh connection

How to Block SSH Brute Force via Iptables and How does it work?

iptables and ssh

Fail2ban block with IPtables doesn't work on Debian Lenny. [moved ssh port]

Block China with iptables

Nginx + iptables redirect and block

Block MAC for a port iptables

ssh tunnel/forwarding & iptables

iptables not blocking ssh bruteforce?

IPTables ssh port redirect

Iptables outbound block denies inbound

IPtables don't block IP

How to block https website with iptables

Block ESTABLISHED connections with firewalld/iptables

Config iptables ssh over VPN

Is Iptables blocking outgoing ssh connections?

Use NAT with iptables and a bridge

Twig block USE in IF block

How to block IP in ssh

Why does iptables still block my samba?

Iptables Fail to block inbound from specific ip

iptables - how to allow internet but block subnet?

IPTables do not block IP with ipset immediately

ufw & iptables don't block incoming connection

Why did this iptables rule block my webserver?

Iptables setting seem to block all traffic

How can I block ping requests with IPTables?

Block traffic to LAN but allow traffic to Internet (iptables)

TOP Ranking

  1. 1

    Loopback Error: connect ECONNREFUSED 127.0.0.1:3306 (MAMP)

  2. 2

    Can't pre-populate phone number and message body in SMS link on iPhones when SMS app is not running in the background

  3. 3

    pump.io port in URL

  4. 4

    How to import an asset in swift using Bundle.main.path() in a react-native native module

  5. 5

    Failed to listen on localhost:8000 (reason: Cannot assign requested address)

  6. 6

    Spring Boot JPA PostgreSQL Web App - Internal Authentication Error

  7. 7

    Emulator wrong screen resolution in Android Studio 1.3

  8. 8

    3D Touch Peek Swipe Like Mail

  9. 9

    Double spacing in rmarkdown pdf

  10. 10

    Svchost high CPU from Microsoft.BingWeather app errors

  11. 11

    How to how increase/decrease compared to adjacent cell

  12. 12

    Using Response.Redirect with Friendly URLS in ASP.NET

  13. 13

    java.lang.NullPointerException: Cannot read the array length because "<local3>" is null

  14. 14

    BigQuery - concatenate ignoring NULL

  15. 15

    How to fix "pickle_module.load(f, **pickle_load_args) _pickle.UnpicklingError: invalid load key, '<'" using YOLOv3?

  16. 16

    ngClass error (Can't bind ngClass since it isn't a known property of div) in Angular 11.0.3

  17. 17

    Can a 32-bit antivirus program protect you from 64-bit threats

  18. 18

    Make a B+ Tree concurrent thread safe

  19. 19

    Bootstrap 5 Static Modal Still Closes when I Click Outside

  20. 20

    Vector input in shiny R and then use it

  21. 21

    Assembly definition can't resolve namespaces from external packages

HotTag

Archive