Hi to all! I have the following problem. I have a gateway machine which acts as firewall (iptables) and router to the internal network. What I need is to access an internal machine from outside with SSH, but I want some protection from the SSH dictionary attacks. I want to use the standard port 22 for SSH and perhaps use the 'recent' module for iptables in order to block this kind of attacks. I already have the block rules for iptables which I got from the SuSE lists, as shown below:

    # user-defined chains: SSH does the rate limiting, SSH-evil handles offenders
    $IPTABLES -N SSH
    $IPTABLES -N SSH-evil

    # offender: record the source address in the "badSSH" list, log it, reject
    $IPTABLES -A SSH-evil -m recent --name badSSH --set -j LOG --log-level DEBUG --log-prefix "evil SSH user: "
    $IPTABLES -A SSH-evil -j REJECT

    # packets of already established sessions are accepted without being counted
    $IPTABLES -A SSH -p TCP ! --syn -m state --state ESTABLISHED,RELATED -j ACCEPT

    # a source listed in "badSSH" within the last 600 seconds is rejected
    $IPTABLES -A SSH -p TCP --syn -m recent --name badSSH --rcheck --seconds 600 -j REJECT

    # a source with 5 new connections recorded in the last 60 seconds is an offender
    $IPTABLES -A SSH -p TCP --syn -m recent --name sshconn --rcheck --seconds 60 --hitcount 5 -j SSH-evil

    # otherwise record this new connection in "sshconn" and accept it
    $IPTABLES -A SSH -p TCP --syn -m recent --name sshconn --set
    $IPTABLES -A SSH -p TCP --syn -j ACCEPT

What I need now is to add a forward rule to an internal machine, if everything is OK. How can I do this? Thanks to all in advance.

P.S.: Thanks to Rene Gallati for his iptables script.

--
"Do or do not. There is no try" - Yoda

 2000Comp - Consultoria e Informática, Lda
 Tel: +351 22 941 99 32
 Fax: +351 22 941 99 34
 www: http://www.2000comp.pt
 Joao Reis
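The following is an added example, not part of the original post or of Rene Gallati's script, showing how the poster's 'recent'-module chain can be combined with the forwarding rules the question asks for. Packets that are routed to an internal host traverse the FORWARD chain, not INPUT, so the same SSH chain is attached there, after a DNAT rule in the nat table has rewritten the destination. The interface name (eth0), the internal address (192.168.1.10) and the default IPTABLES=echo dry-run are assumptions; point IPTABLES at the real binary to apply the rules.

```shell
#!/bin/sh
# Added example (not from the original post): the posted "recent"-module SSH
# chain plus the DNAT/FORWARD rules needed to expose one internal host on
# port 22 through the gateway. By default the rules are only printed.
IPTABLES="${IPTABLES:-echo iptables}"          # dry-run unless overridden
EXT_IF="${EXT_IF:-eth0}"                       # assumed external interface
INT_SSH_HOST="${INT_SSH_HOST:-192.168.1.10}"   # assumed internal SSH server

# Rate-limiting chains, same logic as the posted script.
build_ssh_chains() {
    $IPTABLES -N SSH
    $IPTABLES -N SSH-evil
    # Offender: remember the source in "badSSH", log it, reject it.
    $IPTABLES -A SSH-evil -m recent --name badSSH --set \
        -j LOG --log-level DEBUG --log-prefix "evil SSH user: "
    $IPTABLES -A SSH-evil -j REJECT
    # Non-SYN packets of established sessions pass without being counted.
    $IPTABLES -A SSH -p tcp ! --syn -m state --state ESTABLISHED,RELATED -j ACCEPT
    # A source flagged in the last 600 s is rejected outright.
    $IPTABLES -A SSH -p tcp --syn -m recent --name badSSH --rcheck --seconds 600 -j REJECT
    # Five new connections already recorded within 60 s: the next one is evil.
    $IPTABLES -A SSH -p tcp --syn -m recent --name sshconn --rcheck --seconds 60 --hitcount 5 -j SSH-evil
    # Otherwise record this connection attempt and accept it.
    $IPTABLES -A SSH -p tcp --syn -m recent --name sshconn --set
    $IPTABLES -A SSH -p tcp --syn -j ACCEPT
}

# Forward external port 22 to the internal host, subject to the SSH chain.
build_ssh_forward() {
    # Rewrite the destination before routing (nat table, PREROUTING).
    $IPTABLES -t nat -A PREROUTING -i "$EXT_IF" -p tcp --dport 22 \
        -j DNAT --to-destination "$INT_SSH_HOST:22"
    # Routed packets traverse FORWARD, not INPUT: hand them to the same chain,
    # so the per-source SYN counting applies to the forwarded connections too.
    $IPTABLES -A FORWARD -i "$EXT_IF" -p tcp -d "$INT_SSH_HOST" --dport 22 -j SSH
    # Replies from the internal host back out to the client.
    $IPTABLES -A FORWARD -o "$EXT_IF" -p tcp -s "$INT_SSH_HOST" --sport 22 \
        -m state --state ESTABLISHED,RELATED -j ACCEPT
}

build_ssh_chains
build_ssh_forward
```

The gateway must already have IP forwarding enabled (net.ipv4.ip_forward=1), which is the case for a box that is routing the internal network; the chains are created with -N, so run the script once, after a flush, rather than re-running it on every change.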