Lars Schimmer said: > Hi! > > I copied a iptables config from a friend over to my router: > ($IPT = /sbin/iptables) > > $IPT -A FORWARD -s ! 111.22.22.128/25 -p tcp --dport 22 -m state --state > NEW -m recent --set > $IPT -A FORWARD -p tcp --dport 22 -m state --state NEW -m recent > --update --seconds 300 --hitcount 10 -j DROP > $IPT -A FORWARD -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT > $IPT -A FORWARD -p tcp -d 111.22.22.128/25 --dport 22 -j REJECT I believe you need the --rttl option in with the --update option. -- phil
Attachment:
signature.asc
Description: OpenPGP digital signature