Hi, I took a look.
There is no problem with the iptables rules added by psad. When psad blocks an IP, it adds a new chain PSAD_BLOCK_INPUT at the top of your firewall rules.

Chain PSAD_BLOCK_INPUT (1 references)
target     prot opt source               destination
DROP       all  --  franck.home          anywhere

This one means all packets coming from franck.home are dropped, but other packets continue their way through the INPUT chain until they reach a target rule. If there is no match, then it matches the default policy on the INPUT chain, which is most of the time DROP.

The firewall on my laptop blacklisted workstation #1 and there is no way to access my ssh server on my laptop from workstation #1. However, from workstation #2, not blacklisted, I can access the ssh server available on my laptop.

If you are fine with the explanation, I will close this bug report.

http://www.netfilter.org/documentation/HOWTO/packet-filtering-HOWTO.html#toc7.4

Regards,
-- Franck
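The chain traversal described in the message above, modelled in Python as an added example (it is not part of the original message and is not psad or iptables code). The hostnames, the ssh ACCEPT rule on port 22 and the DROP default policy are assumptions made for the illustration.

```python
# Toy model of netfilter traversal for the filter INPUT chain (illustration only).
# A rule is (source, dport, target); None matches anything.
# A target is ACCEPT, DROP, or the name of a user-defined chain to jump to.

TERMINAL = ("ACCEPT", "DROP")

def traverse(chains, chain, pkt):
    """Return ACCEPT/DROP if a rule decides the packet, or None when the
    end of the chain is reached without a terminating match."""
    for src, dport, target in chains[chain]:
        if src is not None and src != pkt["src"]:
            continue
        if dport is not None and dport != pkt["dport"]:
            continue
        if target in TERMINAL:
            return target
        # Jump into a user-defined chain such as PSAD_BLOCK_INPUT.
        verdict = traverse(chains, target, pkt)
        if verdict is not None:
            return verdict
        # Falling off the end of a user chain is an implicit RETURN:
        # evaluation resumes at the next rule of the calling chain.
    return None

def filter_input(chains, policy, pkt):
    """Verdict for a packet entering INPUT; the policy applies if no rule decides."""
    verdict = traverse(chains, "INPUT", pkt)
    return verdict if verdict is not None else policy

# Constructed ruleset: psad's jump sits at the top of INPUT, followed by
# an assumed rule accepting ssh. Hostnames are placeholders.
RULESET = {
    "INPUT": [
        (None, None, "PSAD_BLOCK_INPUT"),
        (None, 22, "ACCEPT"),
    ],
    "PSAD_BLOCK_INPUT": [
        ("workstation1.example", None, "DROP"),
    ],
}
POLICY = "DROP"  # assumed default policy on INPUT

if __name__ == "__main__":
    for src, dport in [("workstation1.example", 22),
                       ("workstation2.example", 22),
                       ("workstation2.example", 80)]:
        print(src, dport, filter_input(RULESET, POLICY, {"src": src, "dport": dport}))
```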