1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/network/if-pre-up.d/01_ssh_only_eth0	Wed May 13 10:21:21 2015 +0200
     1.3 @@ -0,0 +1,11 @@
     1.4 +#!/bin/sh
     1.5 +
     1.6 +# Only run once (not for every interface)
     1.7 +if [ "$IFACE" != "--all" ]
     1.8 +then
     1.9 +	exit 0
    1.10 +fi
    1.11 +
    1.12 +# only allow ssh connections on eth0 (host only)
    1.13 +iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
    1.14 +iptables -A INPUT -p tcp --dport 22 -j REJECT