Menu
What's new
By:
Filters Better Search

Recent content by Ferisko

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. F

    change SSH Brute Force Protection

    Hi, you could disable the built in brute force protection in web ui and then add a custom firewall-start script with your own iptables brute force protection lines: user@router:/tmp/home/root# cat /jffs/scripts/firewall-start #!/bin/sh iptables -I INPUT 6 -i eth0 -p tcp --dport 22 -m state...
  2. F

    how to block ip addresses after "x" number of failed attempts, or by geo-location

    First to clarify what my example actually does, since it is not exactly what the OP asked for. The iptables rules in my firewall-start script simply start to drop incoming ssh connections from a certain IP if there was more than 5 new connections from the same IP in last 300 seconds. And as...
  3. F

    how to block ip addresses after "x" number of failed attempts, or by geo-location

    This feature is already there in the GUI. In Administration Menu, System Tab, "Enable SSH Brute Force Protection" option. It just uses a lot more relaxed timings than in the example above, which is why I also use manual setup via firewall init script: admin@censored:/tmp/home/root# cat...
  4. F

    SSH, Putty, Tunnel, Socks and Prxy

    Hi pe78420, it seems OK. Logging into smallnetbuilder forums over a socks proxy (dynamic ssh port forward) generates the following in putty log for me (there is some other web site as well): 2013-03-06 09:40:19 Opening forwarded connection to forums.smallnetbuilder.com:80 2013-03-06 09:40:20...
  5. F

    SSH, Putty, Tunnel, Socks and Prxy

    Did you try different ports as well?
  6. F

    SSH port forwarding allowed regardless of the setting

    So I did a bit of testing today and my conclusions are as follows: - SSH port forwarding is enabled regardless of the setting - SSH port forwarding works the same way regardless of the setting. - the -a option which should allow for other computers on the network with the router to connect to...
  7. F

    SSH port forwarding allowed regardless of the setting

    Hi, I usually connect to the forwarded ports only from the machine from which I created the tunnel in the first place (e.g. using dynamic port forward from my work laptop to my router as a socks proxy for my browser) and that works. Never tried to use the tunnel from other machines in the...
  8. F

    SSH port forwarding allowed regardless of the setting

    Hello, first of all a big thanks to Merlin (and everyone else who contributed) for this great firmware. The main reason for me to use this firmware is the ssh daemon and ssh port forwarding. Now to the point: Recently I noticed that it does not matter if I set the option "Allow SSH Port...
See more
Top