1. Accept incoming TCP connections to ssh (port 22), with a rate limit of 30 connections per minute, per host, and a burst of 5 connections.
2. Log accepted ssh connections.
The first rule in the input chain is usually:
ct state established,related counter accept
So it should be sufficient to add the rule:
ct state new tcp dport 22 limit rate 30/minute burst 35 packets log prefix "[nft accept ssh] " counter accept
Putting it all together:
    table inet filter {
        chain input {
            type filter hook input priority filter; policy drop;
            ct state established,related counter accept
            ct state new tcp dport 22 limit rate 30/minute burst 35 packets log prefix "[nft accept ssh] " counter accept
        }
    }

Lobz