I’m beginning to think I need to set up a Wiki for this stuff.. but later.
Trying to get the sshdfilter stuff up and running on my new Debian box, and of course I didn’t document the process when I did it on 3 previous machines awhile back, so here goes.
- Install sshdfilter script in
/usr/local/sbin - Edit
/etc/init.d/ssh. Look for two lines that look something like
start-stop-daemon --start [...] /usr/sbin/sshd -- $SSHD_OPTSReplace them with
start-stop-daemon --start --quiet --exec /usr/local/sbin/sshdfilter -- $SSHD_OPTS &Don’t forget the trailing ampersand!
- Create an executable file
/usr/local/etc/iptables.sh:
#!/bin/sh
modprobe ip_tables
iptables -N SSHD
iptables -A INPUT -p tcp -m tcp --dport 22 -j SSHD
exit 0
- Modify
/etc/network/interfaces. Under interfaceeth0, add the following line:
pre-up /usr/local/etc/iptables.sh
And that should do it.