Netfilter doesn't know about authentication success or failure. Linux PAM is what you are looking for. You can simply modify your PAM configuration and use the pam_access and/or pam_tally module. You can read documentation about it there: http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam-6.html

tyche wrote:
> over the last few days, my server has been attacked. i would
> like to limit remote logon attempts by address so that if
> someone tries to logon from an ip address and fails 3 times,
> my computer will ignore repeated attempts from that ip
> address. any idea how to make a rule for this?
>
> tia
>
> tyche
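
An added example, not part of the original message and not Linux-PAM project code: it tallies failed sshd password attempts per source address and emits deny entries in the `permission:users:origins` format that pam_access reads from `/etc/security/access.conf`. It assumes the usual OpenSSH syslog line format, the three-failure threshold from the question, and a PAM stack that loads `pam_access.so`; the log lines are constructed and the function names are hypothetical.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines in the usual OpenSSH syslog format (not from the thread).
SAMPLE_LOG = """\
Mar  3 02:11:01 host sshd[811]: Failed password for root from 203.0.113.7 port 40122 ssh2
Mar  3 02:11:04 host sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40122 ssh2
Mar  3 02:11:09 host sshd[815]: Failed password for root from 203.0.113.7 port 40130 ssh2
Mar  3 02:12:30 host sshd[820]: Failed password for alice from 198.51.100.20 port 51514 ssh2
Mar  3 02:12:41 host sshd[820]: Accepted password for alice from 198.51.100.20 port 51514 ssh2
Mar  3 02:13:02 host sshd[830]: Failed password for bob from 192.0.2.55 port 33100 ssh2
Mar  3 02:13:05 host sshd[830]: Failed password for bob from 192.0.2.55 port 33100 ssh2
Mar  3 02:14:00 host sshd[840]: Failed password for invalid user x from 10.0.0.1 port 1 ssh2 from 192.0.2.55 port 33108 ssh2
"""

# The user name is chosen by the remote client, so the greedy ".*" plus the "$"
# anchor make the match take the last "from <addr> port <n>", which sshd wrote.
FAILED = re.compile(r"sshd\[\d+\]: Failed password for .* from (\S+) port \d+ ssh2$")
MAX_FAILURES = 3  # threshold from the question: three failed attempts


def failures_by_address(log_text):
    """Count failed password attempts per validated source address."""
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue
        try:
            addr = str(ipaddress.ip_address(m.group(1)))
        except ValueError:
            continue  # never carry unparsed text into an access rule
        counts[addr] += 1
    return counts


def access_conf_rules(counts, threshold=MAX_FAILURES):
    """Build pam_access deny lines for addresses at or over the threshold."""
    return [f"-:ALL:{addr}" for addr, n in sorted(counts.items()) if n >= threshold]


if __name__ == "__main__":
    for rule in access_conf_rules(failures_by_address(SAMPLE_LOG)):
        print(rule)
```

The last sample line carries a user name that embeds a fake `from 10.0.0.1 port 1 ssh2`; only the trailing address, the one sshd itself recorded, is counted.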