On Wed, Dec 21, 2011 at 11:20 AM, mick <mbm@rlogin.net> wrote:
> Ah. Sorry, I misunderstood your requirement.
> Ordinarily I'd say just tunnel the connection over ssh, but since you want to connect to a range of ports rather than a single port, then I suggest you look at openvpn. Someone else on the mailing list (Martin Brooks, I believe) has even written a useful openvpn "howto" at http://hinterlands.org/wiki/index.php/OpenVPNQuickstart
> HTH
No problem - on my second read of my original email I was not clear at all. :(
The problem with VPN is it comes with a whole host of client-end setup on an array of environments.
I would just write a node script to monitor the ssh auth logs and prepend the iptables rules, but that would require the node server having the ability to become a SU :S
Or I could write a bash script daemon to monitor an output file of a node instance and issue the commands, and again :S
I'm sure an investigation into the source of fail2ban will return some results; I will post back if I answer my own question :)
KR and thanks for your time