jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

sftp: add rate limit

Browse Source
This commit is contained in:
Girish Ramakrishnan
2024-04-21 21:04:00 +02:00
parent 1aa683aeab
commit 88231e3d35
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
setup/start/cloudron-firewall.sh
View File

@@ -139,8 +139,8 @@ for port in 80 443; do
ipxtables -A CLOUDRON_RATELIMIT -p tcp --syn --dport ${port} -m connlimit --connlimit-above 5000 -j CLOUDRON_RATELIMIT_LOG
done
# ssh . 5 connections per 10 seconds per IP
for port in 22 202; do
# ssh and sftp. 5 connections per 10 seconds per IP
for port in 22 202 222; do
ipxtables -A CLOUDRON_RATELIMIT -p tcp --dport ${port} -m state --state NEW -m recent --set --name "public-${port}"
ipxtables -A CLOUDRON_RATELIMIT -p tcp --dport ${port} -m state --state NEW -m recent --update --name "public-${port}" --seconds 10 --hitcount 5 -j CLOUDRON_RATELIMIT_LOG
done