olemskoi.ru

Adding comments to iptables rules (reprint)


After I wrote a recent post on best practices for iptables, I noticed that I forgot to mention comments for iptables rules. They can be extremely handy if you have some obscure rules for odd situations.

To make an iptables rule with a comment, simply add on the following arguments to the rule:

-m comment --comment "limit ssh access"

Depending on your distribution, you may need to load the ipt_comment or xt_comment modules into your running kernel first.

A full iptables rule to limit ssh access would look something like this:

iptables -A INPUT -j DROP -p tcp --dport 22 -m comment --comment "limit ssh access"
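To find which rules in a ruleset still lack a comment, the sketch below filters `iptables-save` output. It is an added example, not code from the original post; the sample ruleset and the function names `uncommented_rules` and `list_comments` are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump for rules without a comment.
# SAMPLE_RULES is constructed input, not output captured from a real host.
SAMPLE_RULES='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m comment --comment "limit ssh access" -j DROP
-A INPUT -p tcp -m tcp --dport 8443 -j ACCEPT
-A INPUT -p udp -m udp --dport 514 -m comment --comment syslog -j ACCEPT
COMMIT'

# Read iptables-save text on stdin and print every rule line (-A ...)
# that does not use the comment match.
uncommented_rules() {
    grep -e '^-A ' | grep -v -e '-m comment --comment '
}

# Read iptables-save text on stdin and print "CHAIN: comment" for every
# commented rule. iptables-save quotes comments that contain spaces and
# leaves single-word comments bare, so both forms are handled.
list_comments() {
    sed -n \
        -e 's/^-A \([^ ]*\) .*--comment "\([^"]*\)".*/\1: \2/p' \
        -e 's/^-A \([^ ]*\) .*--comment \([^" ][^ ]*\).*/\1: \2/p'
}

# Demonstration on the constructed sample. On a live host, run as root:
#   iptables-save | uncommented_rules
echo "Rules without a comment:"
printf '%s\n' "$SAMPLE_RULES" | uncommented_rules
echo "Documented rules:"
printf '%s\n' "$SAMPLE_RULES" | list_comments
```

Any rule listed under "Rules without a comment" is a candidate for a `-m comment --comment "..."` annotation the next time the ruleset is edited.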

©2010 Racker Hacker. All Rights Reserved.
