[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [opensuse-security] SSH access refused for legitimate user under heavy load



Hi Pieter,

Indeed.  Now I am wondering whether I can simply add more relaxed
limit-burst options in  /etc/sysconfig/SuSEfirewall2 or whether I
should first lookup the configuration file that sets the burst too
strict (currently I don't know where the property is set, I guess it
has never been set by explicitly by the former administrator).

Could you please advice me about that?

--> You can find out which files belong to the SuSEfirewall2 package with this command:

rpm -ql SuSEfirewall2

Then I did a "grep -nrHi rate" in "/etc/sysconfig/" which revealed the file "/etc/sysconfig/scripts/SuSEfirewall2-qdisc". Some kind of bandwidth limiting for SSH is done around line 71.

"man iptables" lists the "--limit rate" and "--limit-burst" commands. However, I did not find these commands easily. Don't know where they are issued.

That's all I can help you with since I'm not a firewall expert.


Best regards and good luck !

Armin



Dr. Armin Schoech
Carl-Zeiss-Strasse 33/1
D-89551 Koenigsbronn / GERMANY
WWW: http://armin.schoech.de/
--
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx