chloe K wrote: > Thank you > > Can I know how to define the "SSH_CHECK" > and white list? > > I only know to use iptables -A > > Thank you > Hello, When you're entering the rules from the CLI, the first time you reference a chain, you need to use -N (for "new") instead of -A (for "append"). So, using my example.... #iptables -N SSH_CHECK -s *WHITELIST ADDRESSES* -j ACCEPT #iptables -A SSH_CHECK -m recent --set --name SSH --rsource and so on. I use the first line of the SSH_CHECK chain to keep from accidentally locking myself out of my server. If, for instance, I have control and trust over a particular IP address or subnet, I can use the first line to explude them from being rate-limited... #iptables -N SSH_CHECK -s 127.219.24.149 -j ACCEPT or #iptables -N SSH_CHECK -s 127.247.67.0/24 -j ACCEPT (ip addresses changed to protect the innocent) I think that'll do you, Andy _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos