Line 540: |
Line 540: |
| </tr> | | </tr> |
| </table> | | </table> |
| + | |
| + | |
| + | ====OpenVPN Server Brute-force Prevention==== |
| + | ---- |
| + | OpenVPN Servers with <b>Authentication</b> set to <b>TLS/Password</b> or <b>Password</b>, <b>Protocol</b> set to <b>UDP</b> and running on <b>Port 1194</b> have a feature where after a client attempts to connect to the server 10 times with incorrect credentials (password and/or username) they are then blocked from the server. |
| + | |
| + | To check which addresses are blocked one first needs to connect to their device's [[Command_Line_Interfaces_RutOS|CLI]]. |
| + | |
| + | After connecting to your device's CLI use the command <b>ipset list</b> and find the section named <b>ipb_port</b>. There under <b>Members</b> you should see all IP addresses that are blocked. |
| + | |
| + | <pre> |
| + | Name: ipb_port |
| + | Type: hash:ip,port |
| + | Revision: 5 |
| + | Header: family inet hashsize 1024 maxelem 65536 |
| + | Size in memory: 164 |
| + | References: 2 |
| + | Number of entries: 1 |
| + | Members: |
| + | 188.XXX.XXX.XXX,udp:1194 |
| + | </pre> |
| + | |
| + | Another way to check blocked IP addresses is to use the command <b>ubus call ip_block show</b>. This will show all ip addresses that failed to connect to your device. If the <b>counter</b> atribute of the IP address entry is larger or equal then <b>max_attempt_count</b> then that IP address is blocked. |
| + | |
| + | <pre> |
| + | { |
| + | "globals": { |
| + | "max_attempt_count": 10 |
| + | }, |
| + | "ip_blockd 188.XXX.XXX.XXX": { |
| + | "ip": "188.XXX.XXX.XXX", |
| + | "port": "udp:1194", |
| + | "counter": "1" |
| + | }, |
| + | "ip_blockd 188.XXX.XXX.XXX": { |
| + | "ip": "188.XXX.XXX.XXX", |
| + | "port": "udp:1194", |
| + | "counter": "10" |
| + | } |
| + | } |
| + | </pre> |
| + | |
| + | To unblock a blocked client's IP address use the command <b>ubus call ip_block unblock '{"ip":"<blocked_ip_address>","port":"udp:1194"}</b> (replace <blocked_ip_address> inside the quotes with your blocked IP address). If the IP address was unblocked succesfully you should see a similar response: |
| + | |
| + | <pre> |
| + | { |
| + | "unblocked": { |
| + | "ip": "188.XXX.XXX.XXX", |
| + | "port": "udp:1194" |
| + | } |
| + | } |
| + | </pre> |
| | | |
| ==GRE== | | ==GRE== |
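Review bot: The unblock command in the added paragraph beginning "To unblock a blocked client's IP address" is missing its closing single quote: the JSON argument opens with '{ but the bold text ends at "udp:1194"}, so a reader who pastes it as written gets a shell waiting for more input instead of an unblock. Close it as '{"ip":"<blocked_ip_address>","port":"udp:1194"}'. In the sample output for ubus call ip_block show, both entries carry the same masked key "ip_blockd 188.XXX.XXX.XXX", which reads as a duplicate JSON key; masking the two addresses differently would make it clear that these are two separate clients, one below the limit (counter 1) and one blocked (counter 10). Wording fixes in the same paragraphs: "atribute" should be "attribute", "larger or equal then" should be "greater than or equal to", "ip addresses" should be "IP addresses", and "succesfully" should be "successfully". The section also does not say whether a block expires on its own or persists across a reboot, which someone checking the ipb_port set will want to know before deciding whether a manual unblock is needed.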