summaryrefslogtreecommitdiff
path: root/data/templates/ssh/sshguard_whitelist.tmpl
AgeCommit message (Collapse)Author
2023-07-19sshguard: T5354: Add service ssh dynamic-protectionViacheslav Hletenko
Sshguard protects hosts from brute-force attacks It can inspect logs and block "bad" addresses by threshold Auto-generates own tables and rules for nftables, so they are not intercept with VyOS firewall rules. When service stops, all generated tables are deleted. set service ssh dynamic-protection set service ssh dynamic-protection allow-from '192.0.2.1' set service ssh dynamic-protection block-time '120' set service ssh dynamic-protection detect-time '1800' set service ssh dynamic-protection threshold '30'