Hi,
Is this correct, that those rules just open port 22 for IP address 192.168.3.1 or 192.168.2.0/24, so only these IP address(es) can access SSH services and the rest see it as blocked?
iptables -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 192.168.3.1 --dport 22 -j ACCEPT
Would this open it for a whole subnet 192.168.2.0/24?
iptables -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 192.168.2.0/24 --dport 22 -j ACCEPT
...and does a combination of both work? Can I only start this with an additional shell script, since if I called system-config-securitylevel it would overwrite this config?
This would be a good idea, having 'stealth port' clicked in system-config-securitylevel too...
Thanks a lot, Roger
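
An added example, not part of the original post: a small Python model of iptables first-match evaluation over the two rules quoted above, showing that a host rule and a subnet rule can coexist and that their position in the chain matters. It assumes the chain ends in a catch-all REJECT rule (as the stock Red Hat RH-Firewall-1-INPUT chain does); `parse_rule`, `verdict` and the chain lists are hypothetical names, and only NEW TCP connections are modelled.

```python
import ipaddress
import shlex

# The two rules from the post (arguments after "iptables").
POST_RULES = [
    "-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 192.168.3.1 --dport 22 -j ACCEPT",
    "-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 192.168.2.0/24 --dport 22 -j ACCEPT",
]
# Assumption: the chain ends with a catch-all REJECT rule.
CATCH_ALL = "-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited"


def parse_rule(line):
    """Extract the fields this model understands: -p, -s, --dport, -j."""
    tokens = shlex.split(line)
    rule = {"proto": None, "src": None, "dport": None, "target": None}
    keys = {"-p": "proto", "-s": "src", "--dport": "dport", "-j": "target"}
    for flag, value in zip(tokens, tokens[1:]):
        if flag in keys:
            rule[keys[flag]] = value
    if rule["src"]:
        # A bare address becomes a /32 network, a CIDR stays a subnet.
        rule["src"] = ipaddress.ip_network(rule["src"], strict=False)
    if rule["dport"]:
        rule["dport"] = int(rule["dport"])
    return rule


def verdict(chain, src, dport, proto="tcp"):
    """First matching rule decides, as in iptables; models NEW connections only."""
    addr = ipaddress.ip_address(src)
    for rule in map(parse_rule, chain):
        if rule["proto"] and rule["proto"] != proto:
            continue
        if rule["src"] and addr not in rule["src"]:
            continue
        if rule["dport"] and rule["dport"] != dport:
            continue
        return rule["target"]
    return "RETURN"  # fell off the end of a user-defined chain


# Rules placed before the catch-all versus appended after it.
BEFORE_REJECT = POST_RULES + [CATCH_ALL]
AFTER_REJECT = [CATCH_ALL] + POST_RULES
```

With the rules ahead of the catch-all, `verdict(BEFORE_REJECT, "192.168.2.77", 22)` yields `ACCEPT`; appended after it, the same packet is rejected because the earlier rule already matched.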