Topic: Heavy attacs against sshd

[mdo]

It looks like I am struggling to get this working (for the terminal server service)...
I have tested it successfully with sshd to limit it's access to selected IPs only so I am using the right packetfilter rpm
rpm -qa | grep packetfilter
e-smith-packetfilter-1.15.0-03

Here is my db syntax:
/sbin/e-smith/db configuration show msterminalserver
msterminalserver=service
    AllowHosts=200.x.x.x  (hiding IP only)
    TCPPort=3389
    access=public
    status=enabled

and a remoteaccess-update event after each change.

But as much as I limit the IP, it seems not to work. I still can access the Terminalserver from other IPs?

Michael
(will try tomorrow again - need a fresh view into this)

[mdo]

I had given up with this on SME6 at that time last year and gave it another go now on SME7rc1 but still the same result - I cannot limit the access to the forwarded terminal server port (!?). I also added a DenyHosts but that did not help either.

db configuration show msterminalserver
msterminalserver=service
    AllowHosts=100.110.120.130
    DenyHosts=202.x.x.x (changed for display here)
    TCPPort=3389
    access=public
    status=enabled

Could it be that it cannot coexist with the port forwarding?

masq=service
    DenylogTarget=drop
    Logging=most
    Stealth=no
    TCPForwards=3389,192.168.0.9:3389
    TCPMinimizeDelay=22
    Trace=disabled
    pptp=yes
    status=enabled

Anyone with a fresh idea for this?
Michael

[gordonr]

I had given up with this on SME6 at that time last year and gave it another go now on SME7rc1 but still the same result - I cannot limit the access to the forwarded terminal server port (!?). I also added a DenyHosts but that did not help either.

I was wrong - it won't work, yet:

http://bugs.contribs.org/show_bug.cgi?id=16