
Using tallow to block sshd probes
Open, Requires assessment | Public | FEATURE REQUEST

Description

The tallow service would allow blocking ssh probes from accessing the default ssh port for given times. By default it uses ipset, but maybe even better integration with VyOS could be achieved.

I would like to propose inclusion of tallow into the distribution.
I will try to create the package and the configuration settings required to set it through the VyOS interface. The proposal would be something like:

set firewall tallow enable
set firewall tallow expires 86400
set firewall tallow ipv6 disable
set firewall tallow whitelist 10.10.0.1
set firewall tallow whitelist 20.20.
set firewall tallow whitelist 30.

The given set of commands should create a file in /etc with the following settings:

/etc/tallow.conf
expires=86400
whitelist=10.10.0.1
whitelist=20.20.
whitelist=30.

and the systemd service tallow should be enabled and started on boot.

Of course it should NOT be enabled by default, as users could very easily block themselves with it.

Package source
https://github.com/clearlinux/tallow
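
Added example (not part of the original request, and not VyOS or tallow code): a sketch of the proposed mapping from the "set firewall tallow" nodes to /etc/tallow.conf, plus a pre-enable check for the self-lockout risk mentioned above. The function names are hypothetical, and whitelist entries are assumed to match as leading-string prefixes, as the "20.20." and "30." entries suggest.

```python
# Added example: hypothetical helper, not VyOS or tallow code.
SAMPLE = """\
set firewall tallow enable
set firewall tallow expires 86400
set firewall tallow ipv6 disable
set firewall tallow whitelist 10.10.0.1
set firewall tallow whitelist 20.20.
set firewall tallow whitelist 30.
"""  # the commands proposed in the ticket

PREFIX = ["set", "firewall", "tallow"]

def parse(commands):
    """Collect the proposed 'set firewall tallow ...' nodes into a dict."""
    cfg = {"enable": False, "expires": None, "ipv6": None, "whitelist": []}
    for line in commands.splitlines():
        words = line.split()
        if words[:3] != PREFIX or len(words) < 4:
            continue
        key, args = words[3], words[4:]
        if key == "enable" and not args:
            cfg["enable"] = True
        elif key == "expires" and len(args) == 1 and args[0].isdigit():
            cfg["expires"] = int(args[0])
        elif key == "ipv6" and args in (["enable"], ["disable"]):
            cfg["ipv6"] = args[0] == "enable"
        elif key == "whitelist" and len(args) == 1:
            cfg["whitelist"].append(args[0])
        else:
            raise ValueError(f"unsupported node: {line!r}")
    return cfg

def render(cfg):
    """Emit only the keys shown in the ticket's /etc/tallow.conf."""
    lines = []
    if cfg["expires"] is not None:
        lines.append(f"expires={cfg['expires']}")
    lines += [f"whitelist={w}" for w in cfg["whitelist"]]
    return "\n".join(lines) + "\n"

def is_whitelisted(addr, cfg):
    """Assumed semantics: an entry matches when the address starts with it."""
    return any(addr.startswith(w) for w in cfg["whitelist"])

def safe_to_enable(cfg, mgmt_addr):
    """False if the service is enabled and the admin's own address could be blocked."""
    return not cfg["enable"] or is_whitelisted(mgmt_addr, cfg)
```

Under the assumed prefix semantics, the entry 10.10.0.1 also covers addresses such as 10.10.0.12, so a single-host entry is broader than it looks.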

Details

Difficulty level
Unknown (require assessment)
Version
-
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

pasik added a subscriber: pasik. Apr 1 2020, 7:00 AM