Hello, I have read and seen many options for additions to Iptables as a firewall and security system. All seem to react to logs and not to incoming packets (as far as I have seen) I am interested in doing a number of security ideas to the firewall, iptables, on my webserver. If you have a program you would suggest or believe iptables is the proper solution, please feel free to post that. Here are some of the things I would like to do 1) I have switched my SSH to a different port. I would like to still check for anyone trying to hit the old port 22 and log them. At the same time add them to a reject/ban for a certain period of time, lets say 1 day. 2) there are certain apache hacks (like things that include ../) that I would prefer to stop at the firewall. I would also like to log these attempts and begin a reject/ban for a certain period of time. Or just log until I figure out the best way to safely ban. 3) There are common script kiddie hacks that look for certain files 1 million times a day. I would like to either look for them in the incoming packets, log, and ban. Or I would like to be able to use my own php program to route them out and then add to a ban list that iptables can use. These are just some of the things I am looking at doing. I also want to start a ban list for mail packets too, why bog down sendmail when I know what they are? I realize some things might be done via programs like fail2ban (like my php program making a list) but others would be better at the firewall as active reaction security measures. Any input kindly accepted. Thank you for any help or ideas. Bob