Iptables Neat Tips
Separate Log File For Iptables :
vi /etc/syslog.conf
Append to the file :
kern.warning /var/log/iptables.log
Restart the syslog daemon. Now you can block any IP address and log it to the file. Log level 4 is "warning", so these messages match the kern.warning selector above:
iptables -A INPUT -s x.x.x.x -m limit --limit 5/m --limit-burst 7 -j LOG --log-prefix "** Break In Attempt **" --log-level 4
iptables -A INPUT -s x.x.x.x -j DROP
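To see which sources the LOG rule above has recorded, this added example (not part of the original tips) counts log entries per source address and destination port. The sample log lines, the host name fw and the function names are constructed for illustration; the prefix is the --log-prefix string used above.

```shell
#!/bin/sh
# Added example: summarise what the LOG rule wrote to the iptables log.
# PREFIX must be the exact --log-prefix string of the rule.
PREFIX='** Break In Attempt **'

# blocked_sources [FILE...] prints "COUNT SRC DPT", busiest source first.
# Reads stdin when no file is given. DPT is "-" for packets without a port.
blocked_sources() {
    awk -v prefix="$PREFIX" '
        # index() is a literal match, so the "*" in the prefix is not a regex
        index($0, prefix) == 0 { next }
        {
            src = ""; dpt = "-"
            # The kernel glues the prefix onto "IN=" when the prefix has no
            # trailing space, so look fields up by name, not by position.
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/) src = substr($i, 5)
                else if ($i ~ /^DPT=/) dpt = substr($i, 5)
            }
            if (src != "") hits[src " " dpt]++
        }
        END { for (k in hits) print hits[k], k }
    ' "$@" | sort -k1,1nr -k2,2
}

# Constructed, abbreviated log lines (documentation address ranges only).
sample_log() {
    cat <<'EOF'
Jan 12 03:14:07 fw kernel: ** Break In Attempt **IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=51234 DPT=22 SYN
Jan 12 03:14:09 fw kernel: ** Break In Attempt **IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=51240 DPT=22 SYN
Jan 12 03:14:30 fw kernel: OTHER RULE IN=eth0 OUT= SRC=192.0.2.99 DST=192.0.2.10 LEN=60 TTL=64 PROTO=TCP SPT=40000 DPT=80 SYN
Jan 12 03:15:02 fw kernel: ** Break In Attempt **IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 LEN=60 TTL=49 PROTO=TCP SPT=33011 DPT=23 SYN
Jan 12 03:15:40 fw kernel: ** Break In Attempt **IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=84 TTL=52 PROTO=ICMP TYPE=8 CODE=0
EOF
}

# On a real host: blocked_sources /var/log/iptables.log
sample_log | blocked_sources
```

Because the LOG rule is rate-limited (5/m, burst 7), the counts are a lower bound on the packets actually dropped.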
Limit SSH Connections :
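iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m limit --limit 5/minute --limit-burst 5 -j ACCEPT
The limit applies to new connections only, so established sessions are not throttled. Connections over the limit are refused only if a later rule or the INPUT chain policy drops them.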
View Iptables Rules :
iptables -vnL