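#!/bin/sh
# SSH brute-force detection and REJECT.
#
# Every NEW TCP connection to port 22 is recorded per source address in the
# "recent" list named SSH and then sent through the SSH_Brute_Force chain.
# The chain RETURNs while the source has fewer than 3 recorded hits in the
# last 90 seconds; from the third hit on, the connection is rejected with
# ICMP port-unreachable.
#
# Operational caveats:
#   - IPv4 only: if sshd also listens on IPv6, the same rules are needed
#     in ip6tables.
#   - The jump is appended to INPUT, so an earlier rule that already accepts
#     new connections to tcp/22 is matched first and bypasses this check.
#   - The chain only RETURNs or REJECTs; a later INPUT rule (or the chain
#     policy) still has to accept SSH for permitted sources.
#   - Hits are counted per source address, so clients behind one NAT address
#     share a single counter.

# Stop at the first failing iptables call rather than leave a partial rule set.
set -eu

CHAIN=SSH_Brute_Force

# Create the chain on the first run; on later runs flush it so the rules
# below are not stacked a second time.
if ! iptables -N "$CHAIN" 2>/dev/null; then
  iptables -F "$CHAIN"
fi

# Record each new SSH connection attempt and hand it to the chain.
# The jump is added only if an identical rule is not already in INPUT, which
# keeps the script safe to re-run. ("-m state --state NEW" is kept from the
# original; "-m conntrack --ctstate NEW" is the current spelling.)
set -- INPUT -p tcp -m tcp --dport 22 -m state --state NEW \
  -m recent --set --name SSH --rsource -j "$CHAIN"
iptables -C "$@" 2>/dev/null || iptables -A "$@"

# Below the threshold (fewer than 3 hits in 90 s): return to INPUT.
# --rcheck reads the list without refreshing the entry; the --set rule above
# is what records each attempt.
iptables -A "$CHAIN" -m recent ! --rcheck --seconds 90 \
  --hitcount 3 --name SSH --rsource -j RETURN

# At or above the threshold: refuse the connection.
iptables -A "$CHAIN" -p tcp -j REJECT \
  --reject-with icmp-port-unreachable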