Last active
August 28, 2024 10:38
-
-
Save loskiq/49a5dbecbf3b5d5aa7e24d31391b8c54 to your computer and use it in GitHub Desktop.
allow ssh from specified hosts or networks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| table ip filter { | |
| set allow-ssh { | |
| type ipv4_addr | |
| flags interval | |
| elements = { 7.9.8.0/24, 1.2.3.4 } | |
| } | |
| chain input { | |
| type filter hook input priority filter; policy accept; | |
| ip saddr != @allow-ssh tcp dport 22 ct state new reject with tcp reset | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment