summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-03-06 09:58:22 +0100
committerChristian Poessinger <christian@poessinger.com>2022-03-06 09:58:22 +0100
commit1d0d4e83d8413c1b389be763cadd5d150d4be982 (patch)
tree842e0ebbb3a2f78c18ce48e646f0fe7b6d66b5fb
parent1073df8c3aa2a56af861155290a77a59bf5739bf (diff)
downloadvyos-1x-1d0d4e83d8413c1b389be763cadd5d150d4be982.tar.gz
vyos-1x-1d0d4e83d8413c1b389be763cadd5d150d4be982.zip
smoketest: config: add "recent" firewall rule to dialup-router
-rw-r--r--smoketest/configs/dialup-router-complex16
1 files changed, 16 insertions, 0 deletions
diff --git a/smoketest/configs/dialup-router-complex b/smoketest/configs/dialup-router-complex
index fef79ea56..1b62deb5c 100644
--- a/smoketest/configs/dialup-router-complex
+++ b/smoketest/configs/dialup-router-complex
@@ -267,6 +267,22 @@ firewall {
}
protocol udp
}
+ rule 800 {
+ action drop
+ description "SSH anti brute force"
+ destination {
+ port ssh
+ }
+ log enable
+ protocol tcp
+ recent {
+ count 4
+ time 60
+ }
+ state {
+ new enable
+ }
+ }
}
name DMZ-WAN {
default-action accept