2008/5/15 Scott van Looy <scott at ethosuk.net>: >> You appended the rule, AFTER the ones which allow ssh through? > That should work though IIRC...I'm stopping a specific IP from connecting If you've already allowed it, that rule is too late to stop it. One of the other replies pointed out a better way (use -I instead of -A).