Hello,

I want to do the following: accept incoming connections from 10.2.2.115 only, restricted to ports 80 and 22. Is this correct?

    -P rules ...
    -F rules ...
    /sbin/iptables -A FORWARD -d 10.2.2.115 -j ACCEPT
    /sbin/iptables -A FORWARD -s 10.2.2.115 -j ACCEPT
    /sbin/iptables -A INPUT -s 10.2.2.115 -j ACCEPT
    /sbin/iptables -A FORWARD -m multiport -p tcp --ports 80,22 -j ACCEPT
    /sbin/iptables -A INPUT -m multiport -p tcp --ports 80,22 -j ACCEPT

Even though I saw this setup in many tutorials/howtos, whenever I want to block 10.2.2.115 (by not listing him in the INPUT -j ACCEPT), that IP can still connect to ports 80 and 22.

Thanks

Sincerely,
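
Added example, not part of the original post: a first-match model of the INPUT chain that shows how the posted rules evaluate with and without the host rule, next to a single rule that carries both the source address and the port list. The rule encoding, the `verdict` function, the probe address 192.0.2.7 and the DROP policy are assumptions made for this sketch (the post elides its `-P` lines).

```shell
#!/bin/sh
# First-match model of the INPUT chain; it does not call iptables.
# Rule format (constructed for this sketch): "source|tcp-ports|target",
# with "any" as a wildcard. Policy DROP is an assumption: the post elides -P.
# The post's --ports also matches source ports; only destination is modelled.

# INPUT rules as posted.
POSTED='10.2.2.115|any|ACCEPT any|80,22|ACCEPT'
# Same chain with the "-s 10.2.2.115 -j ACCEPT" line left out.
POSTED_MINUS_HOST='any|80,22|ACCEPT'
# Source and ports in one rule, the shape of:
#   iptables -A INPUT -s 10.2.2.115 -p tcp -m multiport --dports 80,22 -j ACCEPT
COMBINED='10.2.2.115|80,22|ACCEPT'

# verdict RULES SRC DPORT: print the target of the first rule that matches.
verdict() {
    rules=$1; src=$2; dport=$3
    for rule in $rules; do
        r_src=${rule%%|*}
        rest=${rule#*|}
        r_ports=${rest%%|*}
        r_target=${rest#*|}
        # A rule without -s matches every source address.
        [ "$r_src" = any ] || [ "$r_src" = "$src" ] || continue
        # A rule without a port match accepts every port.
        case ",$r_ports," in
            ,any,|*",$dport,"*) ;;
            *) continue ;;
        esac
        echo "$r_target"
        return 0
    done
    echo DROP   # nothing matched: chain policy (assumed)
}

# Print the verdict for three constructed probes against each rule set.
for name in POSTED POSTED_MINUS_HOST COMBINED; do
    eval "rules_now=\$$name"
    for probe in 10.2.2.115:80 10.2.2.115:3306 192.0.2.7:22; do
        echo "$name ${probe%:*} -> tcp/${probe#*:}: $(verdict "$rules_now" "${probe%:*}" "${probe#*:}")"
    done
done
```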