Reco: On Sat, 16 Jan 2016 23:48:54 +0300, you wrote:
>Correct sequence would be: > >iptables -F INPUT >iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW \ > -m hashlimit --hashlimit 1/hour --hashlimit-burst 16 \ > --hashlimit-mode srcip --hashlimit-name ssh \ > --hashlimit-htable-expire 60000 -j ACCEPT >iptables -A INPUT -p tcp --dport 22 --tcp-flags SYN,RST,ACK SYN \ > -j DROP OK, got it perfect now. THANKS!
