Hi, I'm a bit confused with Susefirewall. I have had a number of robot attacks against sshd so I set the following rule in SuSefirewall to limit the number of allowable sshd logins per 60 second period: FW_SERVICES_ACCEPT_EXT="0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh" which I assume will limit sshd logins to only 3 per 60 seconds however when I check my log I still get: Mar 10 01:32:54 sshd[19890]: Invalid user patrick from 222.156.220.25 Mar 10 01:32:56 sshd[19892]: Invalid user patrick from 222.156.220.25 Mar 10 01:33:09 sshd[19904]: Invalid user rolo from 222.156.220.25 Mar 10 01:33:11 sshd[19906]: Invalid user iceuser from 222.156.220.25 Mar 10 01:33:12 sshd[19908]: Invalid user horde from 222.156.220.25 Mar 10 01:33:14 sshd[19910]: Invalid user cyrus from 222.156.220.25 Mar 10 01:33:16 sshd[19912]: Invalid user www from 222.156.220.25 Did I forget something or do I need to set some other parameter as well? (yes I did restart the firewall and even re-booted the system for good measure!!) Thanks for any suggestions or help. Rgds. Otto Rodusek. --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org