summaryrefslogtreecommitdiff
path: root/data/templates/ssh/sshguard_whitelist.j2
AgeCommit message (Collapse)Author
2023-12-31T5474: establish common file name pattern for XML conf mode commandsChristian Breunig
We will use _ as CLI level divider. The XML definition filename and also the Python helper should match the CLI node. Example: set interfaces ethernet -> interfaces_ethernet.xml.in set interfaces bond -> interfaces_bond.xml.in set service dhcp-server -> service_dhcp-server-xml.in
2022-05-13sshguard: T4408: rename whitelist-address -> allow-fromChristian Poessinger
We do not only allow individual host addresses but also prefixes.
2022-05-12sshguard: T4408: Add service ssh dynamic-protectionViacheslav Hletenko
Sshguard protects hosts from brute-force attacks Can inspect logs and block "bad" addresses by threshold Auto-generate rules for nftables When service stopped all generated rules are deleted nft "type filter hook input priority filter - 10" set service ssh dynamic-protection set service ssh dynamic-protection block-time 120 set service ssh dynamic-protection detect-time 1800 set service ssh dynamic-protection threshold 30 set service ssh dynamic-protection whitelist-address 192.0.2.1
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-29 11:09:21 +0000