 From:  Lee Sharp <leesharp at hal dash pc dot org>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] SSH NAT/PAT woes
 Date:  Tue, 18 Nov 2008 15:32:59 -0600
Thomas Sprinzing wrote:
> Hi there:
> How do I set up the following scenario:
> 
> linux server behind m0n0, ADSL connection w/ dynamic external ip.
> I have to set up external ssh access:
> 
> NAT + PAT incoming from any:any to port 12322 on m0n0 ---> 192.168.1.1:22
> NAT incoming from one fixed address:any ----> 192.168.1.1:22
> 
> Is that possible? (last one, yes, but together with first?)
> 
> I have trouble with the first one. In testing, I accidentally opened
> :22 to any IP, which I absolutely dislike, because port 22 gets
> brute-forced from .ru and .cn constantly. Also, I tried to change the
> _firewall_ rule to pass any:any to WAN:11122, but to no avail.

I actually leave ssh on port 22.  I also run fail2ban, which is amazing!
Not the answer you were looking for, but perhaps an answer...

			Lee