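#!/bin/sh
#
# ssh rate throttling
#
# Limits how many NEW TCP connections a single source address may open to the
# SSH port within a time window, using the iptables "recent" match. Addresses
# that exceed the limit have further new connections dropped until they have
# been quiet for the whole window.
#
# Adapted from http://www.debian-administration.org/articles/187
#
# Notes:
#   - Must run as root; rules are inserted at the top of the INPUT chain.
#   - Rules are not persistent across reboot; hook this into your firewall
#     init or save the ruleset with your distribution's iptables-save tooling.
#   - IPv4 only (iptables). IPv6 SSH traffic needs the same rules via ip6tables.
#   - hitcount must not exceed the recent module's per-address packet history
#     (kernel parameter ip_pkt_list_tot, default 20) or the rule cannot be used.

set -eu

# params
hitcount=10      # only allow this many new connections from an address
seconds=60       # in this many seconds
interface=eth0   # on this interface
port=22          # to this TCP port (sshd listens here)

# Fail early with a clear message instead of letting iptables fail part-way
# through and leaving only one of the two rules installed.
if [ "$(id -u)" -ne 0 ]; then
  printf 'error: must run as root to modify iptables rules\n' >&2
  exit 1
fi

############################################################
# Insert a rule at the top of INPUT unless an identical rule is already
# present, so running this script twice does not stack duplicate rules.
# "iptables -C" needs iptables >= 1.4.11; on older versions the check fails
# (stderr discarded) and the rule is simply inserted, as before.
#   Arguments: the rule specification (everything after "-I INPUT")
#   Returns:   iptables' exit status
insert_rule() {
  iptables -C INPUT "$@" 2>/dev/null || iptables -I INPUT "$@"
}

# Both rules are inserted with -I, so the one added SECOND ends up FIRST in
# the chain. That final order matters:
#   1. --update: address already known -> refresh its timestamp and count it;
#      DROP once it has $hitcount hits within the last $seconds seconds.
#   2. --set:    address not yet known -> record it and let the packet through.
# If --set came first, every packet would also be counted by --update and
# the effective limit would be off by one.

# mark a new, incoming connection in a list
insert_rule -p tcp --dport "$port" -i "$interface" -m state --state NEW \
  -m recent --set

# if an address has $hitcount hits within the last $seconds seconds, drop
# the connection. Because --update refreshes the timestamp on every attempt,
# a host that keeps retrying stays blocked until it pauses for $seconds.
insert_rule -p tcp --dport "$port" -i "$interface" -m state --state NEW \
  -m recent --update --seconds "$seconds" --hitcount "$hitcount" -j DROP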