Using iptables to block ftp access

Discussion in 'Installation/Configuration' started by bswinnerton, May 13, 2008.

  1. bswinnerton

    bswinnerton New Member

    Is it possible to use a command similar to this:

    Code:
    sudo iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
    sudo iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name SSH -j DROP
    to block ftp access in the same way?

    It would look something like this:

    Code:
    sudo iptables -A INPUT -i eth0 -p tcp -m multiport --dports 20,21 -m state --state NEW -m recent --set --name FTP
    sudo iptables -A INPUT -i eth0 -p tcp -m multiport --dports 20,21 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name FTP -j DROP
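
An added example, not part of the thread and not code from any poster: a simplified shell model of how the `--set` / `--update --seconds 60 --hitcount 8` rule pair above treats NEW connections from a single source address. The function name `simulate_recent` and the arrival times are constructed for illustration; `--rttl` and the kernel module's per-address timestamp limit are not modelled.

```shell
#!/bin/sh
# Assumed model of the two-rule "recent" pattern for ONE source address:
#   rule 1: -m recent --set                     records a timestamp, no verdict
#   rule 2: -m recent --update --seconds W --hitcount H -j DROP
#           matches when at least H stored timestamps fall inside the last
#           W seconds; on a match it stores one more timestamp and drops.

# simulate_recent WINDOW HITCOUNT T1 T2 ...
# T* are arrival times in seconds (ascending) of NEW connections.
# Prints one verdict per arrival, separated by spaces.
simulate_recent() {
    window=$1
    hitcount=$2
    shift 2
    stamps=""
    verdicts=""
    for now in "$@"; do
        # Rule 1: every NEW packet is recorded before rule 2 is evaluated,
        # so the current packet counts toward the hit count.
        stamps="$stamps $now"
        hits=0
        for s in $stamps; do
            if [ $((now - s)) -le "$window" ]; then
                hits=$((hits + 1))
            fi
        done
        # Rule 2: drop once enough recent timestamps have accumulated.
        if [ "$hits" -ge "$hitcount" ]; then
            stamps="$stamps $now"
            verdicts="$verdicts DROP"
        else
            verdicts="$verdicts ACCEPT"
        fi
    done
    echo "${verdicts# }"
}

# Constructed sample: ten connection attempts, one per second.
simulate_recent 60 8 0 1 2 3 4 5 6 7 8 9
```

In this model the eighth NEW connection inside the 60-second window is the first one dropped, and a client that stays under that rate is never blocked.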
     
  2. falko

    falko Super Moderator Howtoforge Staff

    Basically it *should* work.
     
  3. bswinnerton

    bswinnerton New Member

    =) Thanks Falko
     
  4. chipsafts

    chipsafts New Member

    Or you could use /etc/hosts.deny
    and get the stats from the system log file.
     
  5. bswinnerton

    bswinnerton New Member

    Would that automatically block them?
     
  6. falko

    falko Super Moderator Howtoforge Staff

    Yes, that's right.
     
