Hello all,
I intend to block SSH on port 22 on my VyOS device, and after running the commands below it produces an error.
Error: unable to find [PREROUTING] [VYATTA_CT_PREROUTING_HOOK]
Below are the commands:
set firewall all-ping 'enable'
set firewall broadcast-ping 'disable'
set firewall ipv6-receive-redirects 'disable'
set firewall ipv6-src-route 'disable'
set firewall ip-src-route 'disable'
set firewall log-martians 'enable'
set firewall receive-redirects 'disable'
set firewall send-redirects 'enable'
set firewall source-validation 'disable'
set firewall syn-cookies 'enable'
Defining state policy
set firewall state-policy established action 'accept'
set firewall state-policy related action 'accept'
Filter rule
set firewall name WAN-LOCAL default-action 'drop'
set firewall name WAN-LOCAL rule 100 action 'drop'
set firewall name WAN-LOCAL rule 100 destination port '22'
set firewall name WAN-LOCAL rule 100 protocol 'tcp'
set firewall name WAN-LOCAL rule 100 source address 192.168.4.29
set firewall name WAN-LOCAL rule 100 state new 'enable'
set firewall name WAN-LOCAL rule 110 action 'accept'
set firewall name WAN-LOCAL rule 110 destination port '22'
set firewall name WAN-LOCAL rule 110 protocol 'tcp'
set firewall name WAN-LOCAL rule 100 source address 192.168.4.29
set firewall name WAN-LOCAL rule 110 state new 'enable'
set interface ethernet eth2 vif 71 firewall local name WAN-LOCAL