Displaying 8 results from an estimated 8 matches for "kimberlee".
2019 Apr 30
2
firewalld configuration for securing SSH
...sure whether that or rich rules was preferable.
-- Kimee
On Sat, 2019-04-27 at 01:39 +0200, Thibaut Perrin wrote:
> No, I think the rules you created might have a better place in a
> custom xml file instead of being given to firewall cmd directly :)
>
> On Fri, 26 Apr 2019 at 23:01, Kimberlee Integer Model <
> kimee.i.model at gmail.com> wrote:
> > I'm not sure I follow, you just think the modified one should be
> > called
> > "ssh-custom", or you think there shouldn't be a modified service
> > file
> > at all?
> >
> >...
2019 Apr 26
2
firewalld configuration for securing SSH
...e
at all?
-- Kimee
On Fri, 2019-04-26 at 19:46 +0200, Thibaut Perrin wrote:
> Hi there,
>
> Wouldn't that be a better solution to create a custom xml file to put
> in /etc/firewalld and load that "ssh-custom" service instead ?
>
> Thanks
>
> On 26/04/2019, Kimberlee Integer Model <kimee.i.model at gmail.com>
> wrote:
> > Thank you, I've gone in and made the listed changes changed
> > firewalld
> > sections to use services instead of just port numbers.
> >
> > -- Kimee
> >
> >
> > On Wed, 2019-04-2...
2019 Apr 30
0
firewalld configuration for securing SSH
...(5) and firewalld.org the service XML files, can only
handle source/destination/port, and cannot handle the actions to be
performed. I will update where possible to use the service files, but
log/accept limit will still need to be encoded in rich rules.
-- Kimee
On Mon, 2019-04-29 at 20:43 -0400, Kimberlee Integer Model wrote:
> Ah. I understand now. I was considering roughly the same, but wasn't
> sure whether that or rich rules was preferable.
>
> -- Kimee
>
>
> On Sat, 2019-04-27 at 01:39 +0200, Thibaut Perrin wrote:
> > No, I think the rules you created might hav...
2019 Apr 26
2
firewalld configuration for securing SSH
Thank you, I've gone in and made the listed changes changed firewalld
sections to use services instead of just port numbers.
-- Kimee
On Wed, 2019-04-24 at 17:05 -0700, Akemi Yagi wrote:
> On Wed, Apr 24, 2019 at 12:13 AM Kimberlee Integer Model
> <kimee.i.model at gmail.com> wrote:
> >
> > HI all,
> >
> > 1st time contributor here. I was using the guide on securing SSH,
> > and
> > noticed that the firewall-cmd snippets for filtering by requests
> > per
> > time seem...
2019 Apr 26
0
firewalld configuration for securing SSH
No, I think the rules you created might have a better place in a custom xml
file instead of being given to firewall cmd directly :)
On Fri, 26 Apr 2019 at 23:01, Kimberlee Integer Model <
kimee.i.model at gmail.com> wrote:
> I'm not sure I follow, you just think the modified one should be called
> "ssh-custom", or you think there shouldn't be a modified service file
> at all?
>
> -- Kimee
>
> On Fri, 2019-04-26 at 19:46 +...
2019 Apr 24
3
firewalld configuration for securing SSH
HI all,
1st time contributor here. I was using the guide on securing SSH, and
noticed that the firewall-cmd snippets for filtering by requests per
time seem somewhat outdated. From what I can tell the given snippets,
relay arguments directly down to iptables, and do not cover both IPv4
and v6. (and in fact when attempting to extend to v6 the firewall would
fail to reload). I came up with an
2019 Apr 26
0
firewalld configuration for securing SSH
Hi there,
Wouldn't that be a better solution to create a custom xml file to put
in /etc/firewalld and load that "ssh-custom" service instead ?
Thanks
On 26/04/2019, Kimberlee Integer Model <kimee.i.model at gmail.com> wrote:
> Thank you, I've gone in and made the listed changes changed firewalld
> sections to use services instead of just port numbers.
>
> -- Kimee
>
>
> On Wed, 2019-04-24 at 17:05 -0700, Akemi Yagi wrote:
>> On Wed,...
2019 Apr 25
0
firewalld configuration for securing SSH
On Wed, Apr 24, 2019 at 12:13 AM Kimberlee Integer Model
<kimee.i.model at gmail.com> wrote:
>
> HI all,
>
> 1st time contributor here. I was using the guide on securing SSH, and
> noticed that the firewall-cmd snippets for filtering by requests per
> time seem somewhat outdated. From what I can tell the given snippe...