Network management Proxmox KVM

Hi,
I got a brute force report from my provider for my server.
Unfortunately, I am using NAT, so I can't detect which IP was attacking.
I have 2 solutions:
1. Finding the attacking IP
2. Blocking outgoing ports 22, 25, 465, 587...
And I am following the 2nd way, but it failed. I added the commands:
iptables -A OUTPUT -p tcp --dport 22 -j DROP
iptables -A OUTPUT -p tcp --dport 22 -j REJECT
My VPS can continue connecting to port 22 lol
Comments
Hetzner by any chance?
Why don't you use the Proxmox firewall??
https://pve.proxmox.com/wiki/Proxmox_VE_Firewall
@TarZZ92 no, I don't use Hetzner. I am using IOFlood
@StZ does it affect all VPSes???
In that case, port blocking
Are you talking about the 2nd way?
just change OUTPUT to FORWARD.
*** see below
iptables -A FORWARD -o eth0 -p tcp --dport 22 -j DROP
where eth0 is your main interface
Thanks, but there is something wrong, because there are many NAT VPSes hosted on my server.
And they are using my VPSes to connect to the outside on port 22.
Do you understand?
I don't want them to connect to port 22 in their VPS
yes
Do you have any command for iptables??
Just use the drop, or you can always use the Proxmox firewall.
Oh my god, these are the rules in my VPS firewall.
Failed again. It can connect to the SSH of another server.
I didn't type the rule you quoted ^
Ahh, those are my rules, which I wrote to my firewall
OUT DROP -p tcp -dport 22
OUT SSH(ACCEPT) -i vmbr1
vmbr1 is the network bridge of NAT
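
Both options from the first post, as an added example that is not part of the thread: host-side rules that log and then drop new outbound connections from the NAT bridge, and a tally of the logged lines per internal guest IP. It assumes guest traffic is routed by the host through vmbr1; the "NATOUT " log prefix, the addresses and the log lines are constructed.

```shell
#!/bin/sh
# Added example, not from the thread. vmbr1 and the port list come from the
# posts above; the "NATOUT " log prefix and all sample data are constructed.
BRIDGE="vmbr1"
PORTS="22,25,465,587"

# Print (do not apply) rules for the host. Traffic from NAT guests is routed
# through the host, so it is filtered in FORWARD; OUTPUT only sees packets
# created by the host itself. LOG goes first so each attempt is recorded.
nat_egress_rules() {
    match="-i $BRIDGE -p tcp -m multiport --dports $PORTS"
    echo "iptables -I FORWARD 1 $match -m conntrack --ctstate NEW -j LOG --log-prefix \"NATOUT \""
    echo "iptables -I FORWARD 2 $match -j DROP"
}

# Tally logged attempts per internal source IP and destination port.
# Feed it kernel log lines on stdin, e.g. from `journalctl -k`.
top_sources() {
    awk '/NATOUT / {
        src = ""; dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/) src = substr($i, 5)
            if ($i ~ /^DPT=/) dpt = substr($i, 5)
        }
        if (src != "" && dpt != "") n[src " " dpt]++
    }
    END { for (k in n) print n[k], k }' | sort -k1,1nr -k2,2
}

# Constructed kernel log lines, abbreviated to the fields the LOG target writes.
sample_log() {
cat <<'EOF'
Jan 10 03:14:01 pve kernel: NATOUT IN=vmbr1 OUT=eth0 SRC=10.10.10.23 DST=203.0.113.5 LEN=60 TTL=63 PROTO=TCP SPT=40112 DPT=22 SYN
Jan 10 03:14:01 pve kernel: NATOUT IN=vmbr1 OUT=eth0 SRC=10.10.10.23 DST=203.0.113.9 LEN=60 TTL=63 PROTO=TCP SPT=40114 DPT=22 SYN
Jan 10 03:14:02 pve kernel: NATOUT IN=vmbr1 OUT=eth0 SRC=10.10.10.23 DST=198.51.100.7 LEN=60 TTL=63 PROTO=TCP SPT=40120 DPT=22 SYN
Jan 10 03:14:05 pve kernel: NATOUT IN=vmbr1 OUT=eth0 SRC=10.10.10.41 DST=198.51.100.20 LEN=60 TTL=63 PROTO=TCP SPT=51822 DPT=22 SYN
Jan 10 03:15:11 pve kernel: NATOUT IN=vmbr1 OUT=eth0 SRC=10.10.10.23 DST=203.0.113.77 LEN=60 TTL=63 PROTO=TCP SPT=40388 DPT=25 SYN
EOF
}

nat_egress_rules
sample_log | top_sources
```

The source address in each logged line is the guest's internal address before NAT, which is what maps a provider abuse report back to one VPS.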