How to advertise a different router/gateway ip via DHCP in OpenWRT? In general, you need to configure the DHCP option with code 3 (router). (A list of all options can be found in http://www.networksorcery.com/enp/protocol/bootp/options.htm ) For example, to advise the gateway IP 192.168.1.2, you will send this option: “3,192.168.1.2” Now, for OpenWRT, you have 2 […]
What is a good basic iptables config? Basic rules needed: Allow incoming TCP to 22 for SSH but blocks all others. Allow outgoing TCP/UDP connections. You may consider using the following rules as a start: for tables in iptables ip6tables ; do # Flush existing rules $tables -F # Default policy $tables -P INPUT DROP […]
How to log connections hitting certain rules in iptables on Linux? Like the one that are dropped because of too frequently creating SSH connections. You can create a new chain named LOGNDROP that log the connections and drop them, then pass the connection to be redirected to the LOGNDROP chain. $tables -N LOGNDROP # Connections […]
How to use iptables to limit rates new SSH incoming connections from each IP on Linux? For example, at most 6 SSH connection attempts every 60 seconds. You may use these rules (skip the first one, if you have set the basic rules): for tables in iptables ip6tables ; do # Allow established inbound connections […]
Yes. The configuration is made persistent. Answered by Eric Z Ma.
Our servers run inside our own cluster and no firewall is needed. How to totally disable firewall or iptables on Fedora 20? Fedora 20 uses FirewallD as the firewall service. To totally disable firewalld: # systemctl disable firewalld # systemctl stop firewalld Answered by Eric Z Ma.