info:ssh-geoip
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
|
info:ssh-geoip [2017/03/01 20:51] created |
info:ssh-geoip [2017/03/01 21:19] (current) [2. Install filter script] |
||
|---|---|---|---|
| Line 8: | Line 8: | ||
| ===== 2. Install filter script ===== | ===== 2. Install filter script ===== | ||
| - | wget https://gist.github.com/jokey2k/a74f56955124880749e7/raw/4992f993c4777c5f93513a7c66754b8765271bd9/sshfilter.sh > /usr/local/bin/ipfilter.sh | + | wget -O /usr/local/bin/ipfilter.sh https://gist.github.com/jokey2k/a74f56955124880749e7/raw/4992f993c4777c5f93513a7c66754b8765271bd9/sshfilter.sh |
| ===== 3. Make it executable ===== | ===== 3. Make it executable ===== | ||
| chmod +x /usr/local/bin/ipfilter.sh | chmod +x /usr/local/bin/ipfilter.sh | ||
| Line 20: | Line 19: | ||
| We want default behaviour to block all SSH traffic | We want default behaviour to block all SSH traffic | ||
| - | sed -i '/^sshd/d' ./infile | + | sed -i '/^sshd/d' /etc/hosts.deny |
| echo sshd: ALL >> /etc/hosts.deny | echo sshd: ALL >> /etc/hosts.deny | ||
| Line 26: | Line 25: | ||
| Now call our script for allow traffic from inside hosts.allow | Now call our script for allow traffic from inside hosts.allow | ||
| - | sed -i '/^sshd/d' ./infile | + | sed -i '/^sshd/d' /etc/hosts.allow |
| echo "sshd: ALL: spawn /usr/local/bin/ipfilter.sh %a" >> /etc/hosts.allow | echo "sshd: ALL: spawn /usr/local/bin/ipfilter.sh %a" >> /etc/hosts.allow | ||
info/ssh-geoip.1488361874.txt.gz · Last modified: 2017/03/01 20:51 by
Page Tools
