On 6/16/2014 11:08 PM, John R Pierce wrote: > On 6/16/2014 8:52 PM, Chuck Campbell wrote: >> I ran a script after fail2ban was started. It looks like this: >> #!/bin/sh >> iptables -A INPUT -s 116.10.191.0/24 -j DROP >> iptables -A INPUT -s 183.136.220.0/24 -j DROP >> iptables -A INPUT -s 183.136.221.0/24 -j DROP >> iptables -A INPUT -s 183.136.222.0/24 -j DROP >> iptables -A INPUT -s 183.136.223.0/24 -j DROP >> iptables -A INPUT -s 122.224.11.0/24 -j DROP >> iptables -A INPUT -s 219.138.0.0/16 -j DROP >> >> so, how do I get them in front of the RH-Firewall-1-INPUT, or do I add them to >> that chain? > use -I (insert) rather than -A (append). > > OR > > specify chain RH-Firewall-1-INPUT rather than INPUT I used the RH-Firewall-1-INPUT chain, and -I, defaulting to position 1, and all is working as I had anticipated. It is working as expected, killing all of those rolling ip attempts. I was loathe to use system-config-firewall, because I wasn't sure it wouldn't drop something I needed, or forgot to include, and it would have wiped out the existong ruleset. I'll experiment with that when I am physically in front of the server, instead of remote from it. I would have had no quick remedy if I messed it up. Thanks you for the clear concise explanation. -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325| Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campbell at accelinc.com | President & Senior Geoscientist | "Integration means more than having all the maps at the same scale!"