Hi,

> This is not correct syntax but should illustrate the pieces needed for the
> single rule you want:
> -A FORWARD -i eth0 \
> -source range 172.31.114.1-172.31.114.254 \
> -dest range 10.2.2.1-10.2.2.254 \
> -protocol tcp \
> -destport 22 \
> -m state --state NEW \
> -j DROP

Thanks Neal. I appreciate your response. I understand, and I tried your rule as well, but the problem remains the same. Maybe I haven't given full details. Let me try once more.

I currently have Linux 2.6.35 compiled for PPC (PowerPC), along with iptables v1.4.9.1. As mentioned in the original mail, the problem persists. What is strange is that I could see the counter for the iptables DROP increase only once. No matter how many SSH packets I try to send, the DROP counter for the rule doesn't increase, but the packet is dropped.

In order to debug, I even tried to add a rule to allow FTP before the rule dropping SSH. Again, if I send the SSH packet first, followed by FTP packets, the FTP packets are still dropped. I do not see any counter increasing at all. This continues to happen until I insert some random rule in the forward table; FTP packets sent after that are allowed. But if I send SSH packets followed by FTP, both are dropped.

Any information will be much appreciated.

Thanks and regards,
sreejith