0 votes
975 views 1 comments
by anonymous
Is there a way to disable the SSH security blocking feature? The default is 10 attempts. I've set it to 1.000.000, but would rather be able to whitelist a certain address or disable the feature. I'm having a partial source NAT translation before the RUT, and I don't want the NAT hide address to be blocked (by accident). When addresses get blacklisted, is that for a certain amount of time or just permanently until removed manually?

1 Answer

0 votes
by anonymous

Hello,

Unfortunately, there is no way to completely disable this feature within the current firmware. However, this functionality will be changed with the upcoming 7.2 version release. From this version, any blocked IP will only lose access to the router, but its traffic will still be routed.

When the address is blacklisted, the block is permanent until manually removed. The block can be removed in two ways:

  • Via router's WebUI by going to System -> Administration -> Access control in Security tab under List of login attempts section by pressing the cross button.
  • Via SSH. The block adds entries in the /etc/config/ip_blockd file and creates two iptables firewall rules in INPUT and FORWARD tables, which drop any traffic from the blocked IP. One way to remove the rules is by using the commands:

         iptables -D INPUT <rule_number>

         iptables -D FORWARD <rule_number>

      Rule numbers can be listed by command:

         iptables -L --line-numbers

      ip_blockd can be cleared by command:

         uci delete ip_blockd.@entry[<entry_number>]

Best regards,

Žygimantas  

  

Best answer
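
Each `iptables -D <chain> <rule_number>` shifts the numbers of the rules below it, so when more than one rule has to go, delete from the highest number down. The sketch below is an added example, not part of the original answer or of Teltonika's firmware: it turns an `iptables -L <chain> -n --line-numbers` listing into the delete commands for one blocked address. The function names, the address 203.0.113.7 and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: print, highest rule number first, the "iptables -D" commands
# that remove DROP rules for one source IP. It only prints; nothing is deleted.

# Constructed sample of `iptables -L INPUT -n --line-numbers` output.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
2    DROP       all  --  203.0.113.7          0.0.0.0/0
3    ACCEPT     tcp  --  203.0.113.7          0.0.0.0/0            tcp dpt:22
4    DROP       all  --  203.0.113.70         0.0.0.0/0
5    DROP       all  --  203.0.113.7          0.0.0.0/0
EOF
}

# $1 = source IP; stdin = listing. Columns are: num target prot opt source destination.
# Exact match on the source column, so 203.0.113.7 does not also hit 203.0.113.70,
# and only DROP rules are selected (the ACCEPT rule for the same IP is left alone).
drop_rule_numbers() {
    awk -v ip="$1" '$1 ~ /^[0-9]+$/ && $2 == "DROP" && $5 == ip { print $1 }' | sort -rn
}

# $1 = chain name, $2 = source IP; stdin = listing of that chain.
# Descending order keeps the remaining rule numbers valid after each delete.
unblock_commands() {
    drop_rule_numbers "$2" | while read -r n; do
        echo "iptables -D $1 $n"
    done
}

# Demonstration on the constructed listing. On a router the input would be:
#   iptables -L INPUT -n --line-numbers | unblock_commands INPUT <blocked_ip>
# and the same again for the FORWARD chain.
sample_listing | unblock_commands INPUT 203.0.113.7
```

Review the printed commands before running them, and re-list the chain afterwards to confirm that only the intended rules are gone.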
by anonymous
Great post. The uci delete ip_blockd.@entry... command got me out of trouble. I was unable to log in via the web interface as the modem was unresponsive after hitting the Login button, but I was able to get in via SSH and clean up a 750kB ip_blockd file. This then made the RUT955 I was working on responsive enough that I could log in and change the required setting.

My findings are on a RUT955 running RUT9_R_00.07.02.7. We've been a bit nervous to upgrade from this, as we've found this version to be quite reliable and have had several modems bricked whilst running RUT9_R_00.07.02