OSEC

my PF rules

From: Sha'ul (pbaptiegmail.com)
Date: Fri Sep 11 2009 - 16:25:11 CDT


I tried writing my rules to allow only 1 SSH login at a time, and to
lock out everyone else until the current person has closed their
SSH session, and then it is open for someone else to SSH in if need be.

My problem seems to be that it only allows 1 SSH login and that's it; I have
to reboot if someone else wants in or if the first person wants to ssh in again.
Can you please correct what is wrong with my rules?

block in all
set require-order no
set skip on lo
scrub in all
scrub out all

ext_if = "dc0"
int_if = "lo0"

antispoof quick for $ext_if
antispoof quick for lo

table <bruteforce> persist

block quick from <bruteforce>

pass quick proto tcp from any to any port ssh \
      keep state (max-src-conn 1, max-src-conn-rate 2/300, \
         overload <bruteforce> flush global)

#block in quick from urpf-failed to any # use with care

# By default, do not permit remote connections to X11
block in on ! lo0 proto tcp from any to any port 6000
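Added example (editor's ruleset, not the poster's): the lockout comes from the state options on the ssh rule. `max-src-conn 1` is a per-source-host limit, not a global one, and exceeding it, or the `2/300` rate, fires the `overload`, which puts that host into `<bruteforce>` and, because of `flush global`, kills its existing states too, including the session that was already open. The table is `persist` and nothing ever removes entries from it, so the host stays blocked until the table is flushed or the box is rebooted. The option that caps a rule at one state system-wide is `max`. The ruleset below assumes the same external interface name `dc0`, keeps the poster's X11 block, adds a `pass out` rule so replies to the host's own outbound connections are not caught by `block in all`, and uses an assumed `5/30` rate for the brute-force guard.

```pf
# Added example, not the original poster's rules. Assumes the external
# interface is "dc0" as in the post. Sections are in pf.conf(5) order
# (macros, tables, options, normalization, filtering), so "set
# require-order no" is not needed.
ext_if = "dc0"

table <bruteforce> persist

set skip on lo

scrub in all
scrub out all

block in all
antispoof quick for $ext_if

# Hosts that tripped the rate limit stay here until the table is flushed
# (pfctl -t bruteforce -T flush) or expired (pfctl -t bruteforce -T expire N).
block quick from <bruteforce>

# "max 1" limits the states THIS RULE may create, system-wide, to one.
# While that state exists a second SSH connection from any host does not
# match this rule, so it falls through to "block in all". When the first
# session closes and its state expires, the slot is free again.
# max-src-conn-rate still catches brute forcing: a single host opening
# more than 5 connections in 30 seconds (assumed values) goes into
# <bruteforce> and has its states flushed.
pass in quick on $ext_if proto tcp from any to any port ssh \
      keep state (max 1, max-src-conn-rate 5/30, \
         overload <bruteforce> flush global)

# Replies to the host's own outbound connections need a state, otherwise
# "block in all" drops them.
pass out quick on $ext_if keep state

# By default, do not permit remote connections to X11
block in on ! lo0 proto tcp from any to any port 6000
```

Check the syntax with `pfctl -nf /etc/pf.conf` and load it with `pfctl -f /etc/pf.conf`. A host that is already locked out under the old rules can be released without a reboot with `pfctl -t bruteforce -T flush`, or with `pfctl -t bruteforce -T expire 3600` to drop only entries older than an hour. One caveat on the one-at-a-time goal: the slot frees when the state expires, not the instant sshd closes the socket, which is about 90 seconds after a clean close (the `tcp.closed` default), and a session that dies without a FIN holds the slot for the `tcp.established` timeout, 24 hours by default. `pfctl -s states` shows the lingering state and `pfctl -k <host>` kills it.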