diff -Nur e-smith-openssh-2.6.0.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/42CreateSSHAutoblock e-smith-openssh-2.6.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/42CreateSSHAutoblock --- e-smith-openssh-2.6.0.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/42CreateSSHAutoblock 2016-02-05 17:15:23.000000000 -0500 +++ e-smith-openssh-2.6.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/42CreateSSHAutoblock 2020-05-03 02:57:42.368000000 -0400 @@ -1,13 +1,23 @@ { my $abtries = ${'sshd'}{'AutoBlockTries'} || "4"; my $abtime = ${'sshd'}{'AutoBlockTime'} || "900"; + my $sshd_port = ${'sshd'}{'TCPPort'} || "22"; $OUT .=<<"EOF"; + # Create a whitelist + /sbin/iptables --new-chain SSH_Whitelist + /sbin/iptables --new-chain SSH_Whitelist_1 + /sbin/iptables --append SSH_Whitelist -j SSH_Whitelist_1 # Use recent packets match to block SSH from sites generating # $abtries connections within $abtime seconds - # Check/clear IP block status in /proc/net/ipt_recent/SSH + # Check/clear IP block status in /proc/net/xt_recent/SSH /sbin/iptables --new-chain SSH_Autoblock + + # First check if not whitelisted + /sbin/iptables --append SSH_Autoblock --proto tcp --dport $sshd_port \\ + -m state --state NEW -j SSH_Whitelist + /sbin/iptables --append SSH_Autoblock -m recent --set --name SSH /sbin/iptables --append SSH_Autoblock -m recent --rcheck --rttl \\ --seconds $abtime --hitcount $abtries --name SSH -j denylog diff -Nur e-smith-openssh-2.6.0.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustSSHAutoblock e-smith-openssh-2.6.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustSSHAutoblock --- e-smith-openssh-2.6.0.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustSSHAutoblock 2016-02-05 17:15:23.000000000 -0500 +++ e-smith-openssh-2.6.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustSSHAutoblock 2020-05-03 02:58:12.182000000 -0400 
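Review bot: The position of the `-m recent --rcheck` rule inside SSH_Autoblock is now load-bearing, because 90adjustSSHAutoblock (second hunk) overwrites it by index with `--replace SSH_Autoblock 3`; anyone adding another rule ahead of it in this template silently changes which rule gets replaced, so the new whitelist jump should carry a comment such as `# NOTE: rule order matters - 90adjustSSHAutoblock replaces the --rcheck rule by index (3)`. `$sshd_port` is interpolated unvalidated into the generated root shell script through the `<<"EOF"` heredoc; TCPPort comes from the configuration DB, but a non-numeric value would break or alter the iptables command, so guard it with `$sshd_port = "22" unless $sshd_port =~ /^\d+$/;` (the pre-existing `$abtries`/`$abtime` would benefit from the same check). The hard-coded `SSH_Whitelist_1` also has to be the name that `get_safe_id SSH_Whitelist filter find` discovers in 90adjustSSHAutoblock — presumably an `SSH_Whitelist_<n>` convention — and nothing here documents that coupling; a one-line comment above the `--new-chain SSH_Whitelist_1` would help the next maintainer. The template's closing `EOF` and `}` lie outside this hunk.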
@@ -1,10 +1,42 @@ { + # SSH_Whitelist + my $sshd_port = ${'sshd'}{'TCPPort'} || "22"; + # Find the current SSH_Whitelit_$$ chain, and create a new one. + $OUT .=<<'EOF'; + OLD_SSH_Whitelist=$(get_safe_id SSH_Whitelist filter find) + NEW_SSH_Whitelist=$(get_safe_id SSH_Whitelist filter new) + /sbin/iptables --new-chain $NEW_SSH_Whitelist +EOF + # here we add the content from sshd ValidFrom + # or create a new one dedicated for sshd + my @vals = split ",", ($sshd{ValidFrom} || ''); + #$OUT .="#sshd whitelist content : " + #$OUT .= join " ", @vals; + + foreach my $ip ( @vals ){ + $OUT .= " /sbin/iptables --append \$NEW_SSH_Whitelist -s $ip"; + $OUT .= " -p tcp"; + $OUT .= " --dport $sshd_port" ; + $OUT .= " -j ACCEPT\n"; + } + + $OUT .= " /sbin/iptables --append \$NEW_SSH_Whitelist" . + " -j RETURN\n"; + + # Having created a new SSH_Whitelist chain, activate it and destroy the old one. + $OUT .=<<'EOF'; + /sbin/iptables --replace SSH_Whitelist 1 \ + --jump $NEW_SSH_Whitelist + /sbin/iptables --flush $OLD_SSH_Whitelist + /sbin/iptables --delete-chain $OLD_SSH_Whitelist +EOF + # SSH_Autoblock my $abtries = ${'sshd'}{'AutoBlockTries'} || "4"; my $abtime = ${'sshd'}{'AutoBlockTime'} || "900"; $OUT .=<<"EOF"; - /sbin/iptables --replace SSH_Autoblock 2 -m recent --rcheck --rttl \\ + /sbin/iptables --replace SSH_Autoblock 3 -m recent --rcheck --rttl \\ --seconds $abtime --hitcount $abtries --name SSH -j denylog # Clear SSH_Autoblock site history too echo / > /proc/net/xt_recent/SSH