https://wiki.contribs.org/AutoBlock
Default values
AutoBlockTime=900 # 900 seconds (15 minutes).
AutoBlockTries=4 # meaning that 3 Tries are allowed, the fourth trie is blocked.
AutoBlock=disabled # default for SME Server 8
AutoBlock=enabled # default for SME Server 9
How to tune hitrates?
db configuration setprop sshd AutoBlockTries {n} # [ignore parentheses, just enter a number]
signal-event remoteaccess-update
How to tune Blocktime?
db configuration setprop sshd AutoBlockTime {s} # [ignore parentheses, just enter a number]
signal-event remoteaccess-update
How to disable/enable SSH_Autoblock?
db configuration setprop sshd AutoBlock disabled
or:
db configuration setprop sshd AutoBlock enabled
followed by:
signal-event remoteaccess-update
How to access the AutoBlock history?
- For SME8:
cat /proc/net/ipt_recent/SSH
- For SME9:
cat /proc/net/xt_recent/SSH
the current block status
How to display the current block status for the last 100 IP addresses seen:
iptables -L SSH_Autoblock -v
How clear logs
A local system admin logged as root may clear the SSH_AutoBlock history at any time with the following:
- For SME8:
echo clear > /proc/net/ipt_recent/SSH
- For SME9:
echo "/" > /proc/net/xt_recent/SSH
沒有留言:
發佈留言