On Sun, 2011-08-21 at 02:50 +0200, Patrick Lists wrote: > Maybe SELinux blocks Apache from writing to /etc/sysconfig/iptables? > Have you looked at ? These apps seem to offer a > similar solution. I'm not using SELinux at the moment simply because I don't have the time to understand it. I'm a self-taught Linuxist. I believe it uses the 'labels' inherent with every file description block. With Craig's SU suggestion, I believe my attack detection system will successfully block the attacker's IP address on a server and for a selected ports only. I will look at fail2ban and denyhosts and see how they can help. Thank you. -- With best regards, Paul. England, EU.