iptables: Allow port range but deny to certain IP

http://serverfault.com – I am running a server which needs UDP ports 1000:11000 opened, as well as TCP 10011 and 30033 open to function. I have a set of iptables rules set to allow SSH and those ports, and intentionally left out 2010 as I am getting attacked on that port. The server does not block the incoming IP even when told to do so. The IP that needs to be denied is:

My iptables script:

service iptables restart
iptables --flush
iptables -P INPUT DROP
iptables -A INPUT -i lo -p all -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 10011 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 30033 -j
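The symptom in the question (a per-IP block that "does not block") is very often a rule-ordering issue: netfilter walks a chain top to bottom and the first matching rule decides, so a `-s <ip> -j DROP` appended with `-A` after the port ACCEPT rules is never reached for traffic to those ports. The following is an added example, not code from the serverfault post: a small Python model of first-match chain evaluation built from the rules quoted above. The SSH rule, the split UDP ranges (1000:2009 and 2011:11000, skipping 2010 as the post describes) and the blocked address 192.0.2.10 (a documentation-range placeholder, since the real IP is not in the scraped text) are assumptions.

```python
# Added example (not from the serverfault post): a minimal model of how an
# iptables INPUT chain is evaluated, to show why a source-IP DROP rule that is
# appended (-A) after the port ACCEPT rules never fires for those ports, and
# why inserting it at the top (-I INPUT 1) does.
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class Rule:
    target: str                                # "ACCEPT" or "DROP" (-j)
    proto: Optional[str] = None                # "tcp", "udp" or None for any (-p)
    dports: Optional[Tuple[int, int]] = None   # inclusive (low, high) from --dport
    src: Optional[str] = None                  # source network in CIDR form (-s)
    in_iface: Optional[str] = None             # input interface (-i)


@dataclass(frozen=True)
class Packet:
    src: str
    proto: str
    dport: int
    in_iface: str = "eth0"   # assumed external interface name


def matches(rule: Rule, pkt: Packet) -> bool:
    """Every criterion set on the rule must match; unset criteria match anything."""
    if rule.in_iface is not None and rule.in_iface != pkt.in_iface:
        return False
    if rule.proto is not None and rule.proto != pkt.proto:
        return False
    if rule.dports is not None and not (rule.dports[0] <= pkt.dport <= rule.dports[1]):
        return False
    if rule.src is not None and ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(rule.src):
        return False
    return True


def verdict(chain, pkt: Packet, policy: str = "DROP") -> str:
    """First matching rule wins, as netfilter walks a chain; else the chain policy."""
    for rule in chain:
        if matches(rule, pkt):
            return rule.target
    return policy


def as_iptables(chain) -> list:
    """Render a chain as the -A commands that would build it in that order."""
    lines = []
    for r in chain:
        parts = ["iptables", "-A", "INPUT"]
        if r.in_iface:
            parts += ["-i", r.in_iface]
        if r.proto:
            parts += ["-p", r.proto]
        if r.dports:
            lo, hi = r.dports
            parts += ["--dport", str(lo) if lo == hi else f"{lo}:{hi}"]
        if r.src:
            parts += ["-s", r.src]
        parts += ["-j", r.target]
        lines.append(" ".join(parts))
    return lines


# Rules from the post as far as it is quoted (policy DROP, loopback, TCP 10011
# and 30033) plus assumed SSH and the split UDP ranges that leave out 2010.
port_rules = [
    Rule("ACCEPT", in_iface="lo"),
    Rule("ACCEPT", proto="tcp", dports=(22, 22)),
    Rule("ACCEPT", proto="tcp", dports=(10011, 10011)),
    Rule("ACCEPT", proto="tcp", dports=(30033, 30033)),
    Rule("ACCEPT", proto="udp", dports=(1000, 2009)),
    Rule("ACCEPT", proto="udp", dports=(2011, 11000)),
]

# Constructed placeholder for the address to be blocked (192.0.2.0/24 is a
# documentation range); the real address is not in the scraped post.
BLOCKED = "192.0.2.10"
block_rule = Rule("DROP", src=BLOCKED + "/32")

# "iptables -A INPUT -s <ip> -j DROP" run after the port rules: appended last.
chain_appended = port_rules + [block_rule]
# "iptables -I INPUT 1 -s <ip> -j DROP": inserted at position 1, checked first.
chain_inserted = [block_rule] + port_rules


def main() -> None:
    probe = Packet(src=BLOCKED, proto="udp", dport=1500)
    print("DROP appended after ACCEPTs:", verdict(chain_appended, probe))   # ACCEPT
    print("DROP inserted at position 1:", verdict(chain_inserted, probe))   # DROP
    print("\n".join(as_iptables(chain_inserted)))


if __name__ == "__main__":
    main()
```

The same ordering check can be done on a live box with `iptables -L INPUT -n --line-numbers`: if the per-IP DROP has a higher line number than the port ACCEPT rules, it only sees traffic those rules did not already accept.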