potinho
Advanced OT User
Hey guys,
Im using Ubuntu 18 and want to increase the security level of my server I'm trying to filter the SSH access logs only for authorized MAC, but I'm having difficulties. After use IPtables command bellow, i remove openssh full rule, but cannot connect on server. I already installed IPtables persistent and saved the settings after adding a rule. I'm using the command below :
/sbin/iptables -A INPUT -p tcp --destination-port 22 -m mac --mac-source XX:XXXX:XX:XX:XX -j ACCEPT
After then:
iptables-save > /etc/iptables/rules.v4
But rule is going to chain INPUT (policy DROP)
I need to allow few MAC ADDRESSES
I have this rules (working) used UFW, are in Chain OUTPUT (policy ACCEPT):
Chain ufw-user-input (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere multiport dports http,https /* 'dapp_Apache%20Full' */
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh /* 'dapp_OpenSSH' */
Im using Ubuntu 18 and want to increase the security level of my server I'm trying to filter the SSH access logs only for authorized MAC, but I'm having difficulties. After use IPtables command bellow, i remove openssh full rule, but cannot connect on server. I already installed IPtables persistent and saved the settings after adding a rule. I'm using the command below :
/sbin/iptables -A INPUT -p tcp --destination-port 22 -m mac --mac-source XX:XXXX:XX:XX:XX -j ACCEPT
After then:
iptables-save > /etc/iptables/rules.v4
But rule is going to chain INPUT (policy DROP)
I need to allow few MAC ADDRESSES
I have this rules (working) used UFW, are in Chain OUTPUT (policy ACCEPT):
Chain ufw-user-input (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere multiport dports http,https /* 'dapp_Apache%20Full' */
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh /* 'dapp_OpenSSH' */
Last edited: