Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Sha'ul (pbaptiegmail.com)
Date: Fri Sep 11 2009 - 16:25:11 CDT
I tried writing my rules to allow only 1 SSH login at a time, and to
lock out everyone else until the current person has closed their their
SSH session, and then it is open for someone else to SSH in if need be.
My problem seems to be is it only allows 1 SSH login and that's it, have
to reboot if someone else wants in or for first person to ssh in again.
Can you please correct what is wrong with my rules?
block in all
set require-order no
set skip on lo
scrub in all
scrub out all
ext_if = "dc0"
int_if = "lo0"
antispoof quick for $ext_if
antispoof quick for lo
table <bruteforce> persist
block quick from <bruteforce>
pass quick proto tcp from any to any port ssh \
keep state (max-src-conn 1, max-src-conn-rate 2/300, \
overload <bruteforce> flush global)
#block in quick from urpf-failed to any # use with care
# By default, do not permit remote connections to X11
block in on ! lo0 proto tcp from any to any port 6000