Hello list,

I have these working rule-sets which blocked the IPs trying to ssh more than 2 times per min. And then the matching IPs are blacklisted for a pre-defined time. Here, 180 sec.

```
# Mark NEW ssh connections that exceed 2/min
iptables -A INPUT -p tcp -m hashlimit --hashlimit-above 2/min --hashlimit-burst 2 \
    --hashlimit-name hashlimit -m state --state NEW -m tcp --dport $SSH_PORT -j \
    MARK --set-xmark 0x1/0xffffffff
# Drop everything from sources blacklisted within the last 180 sec
iptables -A INPUT -m recent --rcheck --seconds 180 --name sshoverflow --rsource -j DROP
# Blacklist the source of a marked packet and drop it
iptables -A INPUT -m mark --mark 0x1 -m recent --set --name sshoverflow --rsource -j DROP
# Accept the remaining NEW ssh connections
iptables -A INPUT -p tcp -m state --state NEW --dport $SSH_PORT -j ACCEPT
```

I am trying to make an arrangement so that, rather than blocking the IP, only the access to the ssh port will be blocked from that IP. So the other services, i.e. imap, apache, will still be accessible from the IP, excluding ssh.

Is it possible? Please suggest.

Thanks

--
জয়দীপ বক্সী
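
Added example (not part of the original post): one way to scope the blacklist to ssh only is to put the port match on the `recent --rcheck` DROP rule, so other services stay reachable from a listed source. The default port 22, the `APPLY` switch, the function names and `--hashlimit-mode srcip` (one rate bucket per source IP) are assumptions added here.

```shell
#!/bin/sh
# Added example, not code from the original post.
# Assumptions: SSH_PORT defaults to 22; rules are only printed for review
# unless APPLY=1 is set (applying them needs root).
SSH_PORT="${SSH_PORT:-22}"
BLOCK_SECS="${BLOCK_SECS:-180}"

# Print the four rules for a given port and blacklist time, one per line.
ssh_only_rules() {
    port="$1"; secs="$2"
    # 1. Mark NEW ssh connections from a source exceeding 2/min.
    #    --hashlimit-mode srcip is an addition: without a mode, hashlimit
    #    keeps a single bucket shared by all sources.
    echo "-A INPUT -p tcp -m tcp --dport $port -m state --state NEW -m hashlimit --hashlimit-above 2/min --hashlimit-burst 2 --hashlimit-mode srcip --hashlimit-name hashlimit -j MARK --set-xmark 0x1/0xffffffff"
    # 2. Drop blacklisted sources, but only on the ssh port (the change).
    #    Traffic to imap, apache, etc. no longer matches this rule.
    echo "-A INPUT -p tcp -m tcp --dport $port -m recent --rcheck --seconds $secs --name sshoverflow --rsource -j DROP"
    # 3. Blacklist the source of a marked packet and drop that packet.
    #    Only ssh packets carry the mark, so no port match is needed here.
    echo "-A INPUT -m mark --mark 0x1 -m recent --set --name sshoverflow --rsource -j DROP"
    # 4. Accept the remaining NEW ssh connections.
    echo "-A INPUT -p tcp -m tcp --dport $port -m state --state NEW -j ACCEPT"
}

# Apply the rules with APPLY=1, otherwise print the commands that would run.
apply_rules() {
    ssh_only_rules "$SSH_PORT" "$BLOCK_SECS" | while read -r rule; do
        if [ "${APPLY:-0}" = 1 ]; then
            # Word splitting of $rule into iptables arguments is intended.
            iptables $rule
        else
            echo "iptables $rule"
        fi
    done
}

apply_rules
```

As in the original rules, packets of an already established ssh session from a listed source are dropped too for the blacklist period; only the other ports are exempt.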