On Sat, 15 Dec 2001, Romano, Christopher wrote: > #SSH > iptables -A INPUT -i ppp0 -p tcp --sport 22 -m state --state NEW,ESTABLISHED > -j ACCEPT You probably want --dport 22. This rule accepts any connection originating from port 22 on the remote machine connecting to any port on the machine you're trying to protect. -- Robert Dale wplug member since 1998