[Commotion-admin] [commotion-router] Rate limit ssh attempts to WAN zone (#120)
areynold
notifications at github.com
Fri Apr 18 15:47:11 EDT 2014
Incorporates firewall changes suggested by @raniarho in #116 with some modifications.
Partially addresses #30.
To test:
1. Flash the node and configure it as a gateway
2. Log in and make note of the public-facing IP address.
3. Connect another machine to the same network as the node, but not to the node itself. You should not receive an IP address from the node or be inside the commotion network.
4. SSH to the node and enter an invalid password until you are disconnected (3 attempts), then immediately repeat. On the fourth attempt within 1 minute your connection should be denied.
You can merge this Pull Request by running:
git pull https://github.com/opentechinstitute/commotion-router ssh-rate-limit
Or you can view, comment on it, or merge it online at:
https://github.com/opentechinstitute/commotion-router/pull/120
-- Commit Summary --
* Create firewall.user
* Update firewall
* Update firewall
* Merge branch 'master' of https://github.com/RaniaRho/commotion-router into ssh-rate-limit
* Fixed typo in /etc/firewall.user
* Moved firewall.user rules to /etc/config/firewall.
-- File Changes --
M default-files/etc/config/firewall (15)
-- Patch Links --
https://github.com/opentechinstitute/commotion-router/pull/120.patch
https://github.com/opentechinstitute/commotion-router/pull/120.diff
---
Reply to this email directly or view it on GitHub:
https://github.com/opentechinstitute/commotion-router/pull/120
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chambana.net/pipermail/commotion-admin/attachments/20140418/7da0bc8f/attachment.html>
More information about the Commotion-admin
mailing list