> Is there any other rule to allow ssh from an internal network > to the server. > > till now i have used a rule like this: > > $iptables -A tcp-packets -p TCP -s xxx.xxx.xxx.xxx -allowed I guess this rule is not working, worse : it should generate an error as I don't think "-allowed" will be recognized. And if it would work then it would open all tcp services, not just ssh. Let's say your internal network is 192.168.1.0/24. Try this : (You can subtitute INPUT for tcp-packets if you like.) $iptables -A INPUT -s 192.168.1.0/24 -p tcp --dport 22 -j ACCEPT Gr, Rob
