Can you send me the iptables script that you run to set up the rules? It looks like you are defaulting to accept instead of deny. -chaz Charles L. Sliger, Information Systems Engineer, chaz at bctonline.com "No matter where you go, there you are..." -----Original Message----- From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of Abd El-Hameed Ayad Sent: Tuesday, May 23, 2006 6:35 AM To: centos at centos.org Subject: [CentOS] iptables rules Hi, I have 2 CentOS servers 82.201.195.123 & 62.139.61.84 I want to deny all ssh logins on port 22 on (62.139.61.84) from any host except from (82.201.195.123) Can anybody tell me such iptables rules to write in /etc/sysconfig/iptables Currently, im using the following rules (on 62.139.61.84) *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -i eth1 -j ACCEPT -A RH-Firewall-1-INPUT -i eth0 -s 82.201.195.123 -j ACCEPT -A RH-Firewall-1-INPUT -m tcp -p tcp --dport 22 -j REJECT -A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A RH-Firewall-1-INPUT -i eth0 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT But i found that somebody is bypassing these rules & trying to authenticate with unknown (or wrong password) accounts Thanx in advance _______________________________________________ CentOS mailing list CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos