Simple Linux Firewall Tricks

Posted by JD 11/04/2010 at 12:38

The "7 Uncommon Uses of iptables" article over at linuxaria shows fairly easy-to-use solutions for the following:

  1. Block known dirty hosts from reaching your machine; block spammers and other known bad networks
  2. Unlock a pre-determined port once someone “knocks”, i.e. “port knocking”
  3. Use a restricted port externally, but a high port on the server – port forwarding
  4. Use your proxy only for external access, not in the local LAN – I’ve done this with PAC files
  5. Limit the number of ssh connections to 10
  6. Limit ssh to have just 1 session every 15 seconds
  7. Give multiple directives with a single command

Fail2ban can be used to address some concerns, but you may need to limit the connection count and rate from some IP addresses that could be considered system abusers.
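One way to express list items 5 and 6 as a loadable ruleset, added here as an example (not code from this post or from the linuxaria article). The function name `ssh_limit_rules`, the `sshrate` list name and the per-source-address reading of item 5 are assumptions.

```shell
#!/bin/sh
# Added example: emit iptables-restore rules for the two ssh limits.
# ssh_limit_rules, its defaults and the "sshrate" list name are assumptions.
#
# Usage: ssh_limit_rules [port] [max_conns] [seconds]
#   ssh_limit_rules 22 10 15 | iptables-restore --noflush --test

ssh_limit_rules() {
    port=${1:-22}; max=${2:-10}; secs=${3:-15}

    # Refuse non-numeric input rather than emit a broken ruleset.
    for v in "$port" "$max" "$secs"; do
        case $v in
            ''|*[!0-9]*) echo "not a number: $v" >&2; return 1 ;;
        esac
    done

    cat <<EOF
*filter
# Item 6: one new session per source address every ${secs}s.
# --set records each new connection; --update drops a source that
# has 2 or more hits inside the window and refreshes its timestamp.
-A INPUT -p tcp --dport ${port} -m conntrack --ctstate NEW -m recent --name sshrate --set
-A INPUT -p tcp --dport ${port} -m conntrack --ctstate NEW -m recent --name sshrate --update --seconds ${secs} --hitcount 2 -j DROP
# Item 5: at most ${max} simultaneous connections per source address.
# (--connlimit-mask 0 would make it one cap shared by all sources.)
-A INPUT -p tcp --syn --dport ${port} -m connlimit --connlimit-above ${max} --connlimit-mask 32 -j REJECT --reject-with tcp-reset
COMMIT
EOF
}
```

These rules only take effect if they sit ahead of any rule that accepts traffic to the port. Because `--update` refreshes the timestamp, a source that keeps retrying inside the window keeps extending its own lockout.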
