I am trying to understand what these two lines taken from a firewall script mean?
The comments in the script state:
# We allow incoming SSH connections and answers to our own SSH connections:
/sbin/iptables -A INPUT -p tcp -d 188.8.131.52 --dport 22 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --sport 22 -d 184.108.40.206 "!" --syn -j ACCEPT"
I understand the first line. It allows all incoming packets sent to port 22 of 220.127.116.11. Correct?
The second line accepts all incoming packets originating from port 22 being sent to 18.104.22.168 that are not new tcp connection requests? I don't really understand the intent of the second line. Can someone help me out? Is this really all that secure in protecting ssh?