1.
Code:
sudo ufw limit ssh/tcp
The above command effectively does the same thing as
Code:
# record the source address of every new SSH connection in the "SSH" list
sudo iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
# drop a new connection if that address already made 6 within the last 30 seconds
sudo iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 --rttl --name SSH -j DROP
2.
If you append rules after UFW already created iptables rules, then your rules will only be checked if a UFW chain hasn't already accepted the packet. If you want to add the rules using the "iptables" command, use insert (-I) instead of append (-A).
If you want to configure UFW to add those custom iptables rules, add this to /etc/ufw/before.rules before "COMMIT":
Code:
# custom SSH rate limit: 3 new connections per source address per 60 seconds
-A ufw-before-input -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
-A ufw-before-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 3 --rttl --name SSH -j DROP
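As an added example that is not part of the original post: a small POSIX shell helper that generates the two rules above and inserts them into /etc/ufw/before.rules (or a copy of it) immediately before the COMMIT that closes the *filter table, skipping the insert if it has already been done. The marker comment, the 60-second/3-hit defaults, the function names and the file paths are assumptions for this example.

```shell
#!/bin/sh
# Added example, not from the original post: put the SSH rate-limit rules into
# /etc/ufw/before.rules (or a copy of it) just before the COMMIT that closes the
# *filter table, and do nothing if they are already there. The marker comment,
# the 60-second/3-hit defaults and the file paths are assumptions.
set -eu

# Print the two rule lines. Args: chain, port, window in seconds, hitcount.
# Defaults match the before.rules snippet above.
ssh_limit_rules() {
    chain=${1:-ufw-before-input}
    port=${2:-22}
    seconds=${3:-60}
    hits=${4:-3}
    # First rule records the source address; the second drops the packet once
    # that address has opened $hits new connections within $seconds. --rttl
    # ignores packets whose TTL differs from the one recorded, so spoofed
    # packets cannot easily lock a legitimate client out.
    printf '%s\n' \
      "-A $chain -p tcp --dport $port -m state --state NEW -m recent --set --name SSH" \
      "-A $chain -p tcp --dport $port -m state --state NEW -m recent --update --seconds $seconds --hitcount $hits --rttl --name SSH -j DROP"
}

# Insert the rules into FILE before the *filter COMMIT (idempotent).
# Extra args are passed on to ssh_limit_rules.
insert_ssh_limit() {
    file=$1; shift
    marker='# SSH rate limit (custom)'
    if grep -qF "$marker" "$file"; then
        return 0    # already applied
    fi
    rulesfile=$(mktemp); tmp=$(mktemp)
    ssh_limit_rules "$@" > "$rulesfile"
    awk -v marker="$marker" -v rulesfile="$rulesfile" '
        /^\*filter/ { in_filter = 1 }
        in_filter && /^COMMIT/ && !done {
            print marker
            while ((getline line < rulesfile) > 0) print line
            close(rulesfile)
            done = 1
        }
        { print }
    ' "$file" > "$tmp"
    cat "$tmp" > "$file"   # overwrite in place so owner and mode are kept
    rm -f "$tmp" "$rulesfile"
}

# Return 0 when both SSH rules sit inside *filter before its COMMIT.
rules_before_commit() {
    awk '
        /^\*filter/ { in_filter = 1 }
        in_filter && /--name SSH/ { seen++ }
        in_filter && /^COMMIT/ { ok = (seen == 2); exit }
        END { exit (ok ? 0 : 1) }
    ' "$1"
}

# Usage: sh this.sh /etc/ufw/before.rules   (then: sudo ufw reload)
[ $# -eq 0 ] || insert_ssh_limit "$@"
```

After `sudo ufw reload`, `sudo iptables -S ufw-before-input | grep SSH` shows the two rules in place, and `/proc/net/xt_recent/SSH` lists the addresses the recent module is currently tracking. IPv6 clients are not covered by before.rules; run the same helper against /etc/ufw/before6.rules with the chain `ufw6-before-input` to limit them as well.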