As subject says.tcp dport {22} counter limit rate 3/minute counter accept comment "avoid brute force"
I've tried something like this, but it seems to limit ALL ips. I would prefer to block the ip address for 24 hours or something. Please suggest Irwin -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
