Hello,
I have a small development server with CentOS 7.2. The server should serve only some developers but all of them have dynamic IP's.
At the moment the firewalld setup is:
Code:
firewall-cmd --list-all
public (default, active)
interfaces: enp1s0
sources:
services: dhcpv6-client samba ssh
ports: 80/tcp 88/tcp 8888/tcp 8080/tcp 3306/tcp 8005/tcp
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="91.229.20.63" reject
However in the last 2 weeks there were ~1 million invalid SSH login attempts to the server. I have added some reject rules, but every day there were new IP sources.
What is the best way to configure firewalld with the ports above but only accept developer logins where developers have dynamic IPs?
Thanks in advance!