Menu
What's new
By:
Filters Better Search

Iptables settings against attacks

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

F

firewolf89

New Around Here
Hi all!

I am trying to set up some rules against brute-force attack because in the past days i have experienced several attack... in one of them, they succefully registered to my asterisk and they placed many calls around the world (from guatemala to nigeria...:eek:)....

I want to add some line to my firewall-start script but i encounter a problem...

These are the lines i want to add:
Code: 
# Fight the sipreg bots
iptables -I INPUT -s ! 192.168.2.1/24 -p udp --dport 5060 -m recent --set --name ASTERISK
iptables -I INPUT -s ! 192.268.2.1/24 -p udp --dport 5060 -m recent --update --seconds 15 --hitcount 10 --name ASTERISK -j DROP
#iptables -I INPUT -s ! 192.168.2.1/24 -p tcp --dport 5060 -m recent --set --name ASTERISK
#iptables -I INPUT -s ! 192.268.2.1/24 -p tcpp --dport 5060 -m recent --update --seconds 15 --hitcount 10 --name ASTERISK -j DROP

#Fight ssh brute force
iptables -N SSH_CHECK
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSH_CHECK
iptables -A SSH_CHECK -m recent --set --name SSH
iptables -A SSH_CHECK -m recent --update --seconds 60 --hitcount 4 --name SSH -j DROP

but i get this error:
Code: 
iptables: No chain/target/match by that name
iptables v1.3.8: host/network `192.268.2.1' not found
Try `iptables -h' or 'iptables --help' for more information.
iptables: Chain already exists
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name

Anyone can help me?

[edit] ok, it is related to some missing modules... but i don't know how and what to add...
 
Last edited:
Load the module first:

Code: 
modprobe xt_recent
 
You must log in or register to reply here.

Similar threads

T
Internet connection via ISP despite existing VPN connection in the Asus RT-AC 86U
Replies
5
Views
262
tom
T
PaulA
Port isolation on RT-AX88U-Pro (router) w/ Merlin w/ Tagged internet ISP
Replies
1
Views
1K
PaulA
PaulA
A
Entware iptables no chain/target/match and tcpdump problems
Replies
3
Views
794
RMerlin
RMerlin
SkierInAvon
Asus Merlin - iptables command (not working?)
Replies
8
Views
967
SkierInAvon
SkierInAvon
V
Can not add comment in iptables, test version 388.1
Replies
2
Views
1K
VaMpIrE-KiNg
V
Similar threads
Thread starter Title Forum Replies Date
F Understanding IPTABLES - asus ROG ax6000 Asuswrt-Merlin 14
SkierInAvon Asus Merlin - iptables command (not working?) Asuswrt-Merlin 8
v.y.k iptables pkts & bytes numbers are too low on Merlin 3004.388 Asuswrt-Merlin 13
M iptables module rateest - loadbalancing split over Asuswrt-Merlin 0
A Entware iptables no chain/target/match and tcpdump problems Asuswrt-Merlin 3
Z wgclient-start with iptables nat rules after router reboot Asuswrt-Merlin 19
H Does VPN Director Use Routes or IPTables Rules To Route Clients Over a VPN Connection? Asuswrt-Merlin 5
H Does firewall-start Script Ever Run Twice With Same iptables Rules? Asuswrt-Merlin 13
D RT-AC88U with firmware Merlin 386.12 reboots with most settings wiped Asuswrt-Merlin 13
zeeblefritz Asus RT-AC66U Merlin Stuck applying settings when manually assigning IP Asuswrt-Merlin 19

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,070 (members: 15, guests: 1,055)
Top