[RULES]

IN REJECT -source +myipset -dest +dmzhosts -p tcp -dport 22

IN ACCEPT -source +myipset -p tcp -dport 22