Mike Simons said: > On Mon, Mar 10, 2003 at 04:16:01PM -0800, Jim Angstadt wrote: >> > Could you try this: >> > # iptables -t filter -D INPUT 1 -p tcp -s >> > 192.168.0.0/24 -d 192.168.0.3\ >> > --destination-port 22 -j ACCEPT >> >> I get "Illegal option '-s' with this command". > > He meant a -A instead of -D, but I think you have confirmed that the > firewall rules are really the problem you shouldn't waste time messing > with them.
Sorry about that. I meant "-I" instead of -A or -D -I inserts the rule a point "1" to be the first rule checked. This should ensure that an ACCEPT is triggered for ssh to short-circuit the other checks in-line. -ME -- -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GCS/CM$/IT$/LS$/S/O$ !d--(++) !s !a+++(-----) C++$(++++) U++++$(+$) P+$>+++ L+++$(++) E W+++$(+) N+ o K w+$>++>+++ O-@ M+$ V-$>- !PS !PE Y+ PGP++ [EMAIL PROTECTED](++) 5+@ X@ R- tv- b++ DI+++ D+ G--@ e+>++>++++ h(++)>+ r*>? z? ------END GEEK CODE BLOCK------ decode: http://www.ebb.org/ungeek/ about: http://www.geekcode.com/geek.html Campus IT(/OS Security): Operating Systems Support Specialist Assistant _______________________________________________ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech