Since last week, I had my logs almost filled with the message “packet size too big” from “error, ssh”.
I already have the brute force rule described at wiki:
I also tried to create a firewall filter rule to block packets bigger than the MTU (packet size !0-1500) on port 22/TCP. It filtered a few packets, and I still got these messages in my log.
Allow SSH only from your trusted and/or local LAN subnet, or if you don’t need SSH exposed, then close the SSH service from the IP → Services menu. Good luck.
Thanks. This is the last option, but it is on the table. The other option is to change the SSH port. I will hold to see if there are other ways to fix it.
This wasn’t happening prior. I have had this solution working for one year without these messages. I was just using the brute force solution. So I don’t know what changed.
Well, if you change the port, it’s a cat-and-mouse situation. Honestly, if SSH is absolutely necessary, then put it in a VRF or make it accessible via VPN only, hahah. I lost hope exposing SSH to the public.
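
The advice in the replies above (SSH reachable only from a trusted subnet or over a VPN, otherwise disabled), written out as RouterOS commands. This is an added example, not part of any post in the thread; the subnets `192.168.88.0/24` and `10.99.0.0/24` and the list name `ssh-trusted` are assumptions to replace with your own values.

```routeros
# Added example. Subnets and the list name "ssh-trusted" are assumed values.

# 1. Restrict the SSH service itself to the trusted sources
#    (same setting as the "Available From" field in IP -> Services).
/ip service set ssh address=192.168.88.0/24,10.99.0.0/24

# Alternative: if SSH is not needed at all, disable the service instead.
# /ip service disable ssh

# 2. Keep the trusted sources in one address list so the firewall
#    rules below do not need editing when a subnet changes.
/ip firewall address-list
add list=ssh-trusted address=192.168.88.0/24 comment="assumed LAN subnet"
add list=ssh-trusted address=10.99.0.0/24 comment="assumed VPN client pool"

# 3. Accept SSH from the list and drop it from everywhere else.
#    New rules are appended at the end of the chain; move them above any
#    broader accept rule for port 22, otherwise they never match.
/ip firewall filter
add chain=input protocol=tcp dst-port=22 src-address-list=ssh-trusted \
    action=accept comment="SSH from trusted sources"
add chain=input protocol=tcp dst-port=22 action=drop \
    comment="drop all other SSH"

# 4. Check the result.
/ip service print where name=ssh
/ip firewall filter print where chain=input
```

Connections dropped in the input chain never reach the SSH service. Apply this from a session that is inside one of the trusted subnets, or use Safe Mode, so a wrong subnet does not lock you out.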