SSH Login Attempts
-
Dude your rule right there on top allows ANY Ip in that pfb_europe_v4 to anything... Why in the world would you have such a rule???
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.8, 24.11 -
No floating rules
-
That first rule allows access to anything.. Coming from anything in that alias.. So no shit getting brute force on ssh, and your gui to as well.
Why do you think you need such a rule?
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.8, 24.11 -
@johnpoz said in SSH Login Attempts:
Dude your rule right there on top allows ANY Ip in that pfb_europe_v4 to anything... Why in the world would you have such a rule???
What John said, if you look in the firewall logs, you'll see it as its logging it.
-
Damn, was temp rule for team working in France. Updated rule to only allow OpenVPN.
-
That rule is pointless since you have a rule just below it that allows vpn any source. Unless you just want to log those from that alias?
-
There is a block rule in between if NOT North America.
-
@ahking19 said in SSH Login Attempts:
North America.
Wouldn't it be better to change the block rule in between if NOT North America to a pass North America, then the rule beneath block any OpenVPN and log?
Andy
1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22
-
True.. on the ! NA rule.
But you could for sure write those rules a bit more clear.. But without knowing EXACTLY what your wanting to do its just guessing, etc.
-
That would be fine for OpenVPN. But also don't need HTTP & HTTPS sites available outside North America. Not sure how/if I can combine pfBlocker rule with NAT rule. if that makes sense...
-Andrew
-
Sure you can if you just use its aliases - they can be used anywhere you want.. Rule, Nat, etc.
-
Thanks. I'll take a look at using the pfBlocker aliases.
