diff --git a/libiptc.c b/libiptc.c
index 1ef5b16..41a6f9d 100644
--- a/libiptc.c
+++ b/libiptc.c
@@ -10,9 +10,9 @@ int x_get_rule(const char *chain, struct xtc_handle *handle, char *ipv4)
 const char *t = iptc_get_target(entry, handle);
 entry_match = (struct ipt_entry_match *)entry->elems;
 //printf("u.user.name: %s\n", entry_match->u.user.name);
- char addr[33];
- memset(addr, 0, 33);
- inet_ntop(AF_INET, &(entry->ip.dst), addr, sizeof(addr));
+ char addr[64];
+ memset(addr, 0, 64);
+ inet_ntop(AF_INET, &(entry->ip.src), addr, sizeof(addr));
 //printf("%s\n", addr);
 //printf("%s\n", t);
 if (0 == strcmp(ipv4, addr) && 0 == strcmp(t, "DROP") && 0 == strcmp(entry_match->u.user.name, "tcp")) {
@@ -68,6 +68,7 @@ static void parse_ports(const char *portstring, u_int16_t * ports)
 ports[0] = buffer[0] ? parse_port(buffer) : 0;
 ports[1] = cp[0] ? parse_port(cp) : 0xFFFF;
 }
+ free(buffer);
 }
diff --git a/rhost.c b/rhost.c
index 8ed7dd6..e28e868 100644
--- a/rhost.c
+++ b/rhost.c
@@ -307,9 +307,9 @@ int rule(conf * conf)
 */
 // libiptc 库插入规则 iptables -t filter -A INPUT -p tcp -s xxxx -j DROP
- unsigned int destIp;
- inet_pton(AF_INET, buffer, &destIp);
- iptc_add_rule("filter", "INPUT", IPPROTO_TCP, NULL, NULL, 0, destIp, NULL, NULL, "DROP", NULL, 1);
+ unsigned int srcIp;
+ inet_pton(AF_INET, buffer, &srcIp);
+ iptc_add_rule("filter", "INPUT", IPPROTO_TCP, NULL, NULL, srcIp, 0, NULL, NULL, "DROP", NULL, 1);
 }
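Review bot: In the libiptc.c hunk at -10,9 (x_get_rule), the lookup compares only the textual form of `entry->ip.src`, so a rule carrying a netmask or a `!` inversion on the same base address would be reported as an existing exact block. If the function is meant to detect the per-host DROP rule that rule() inserts, the condition should also require a full mask and no inversion, for example `&& entry->ip.smsk.s_addr == 0xFFFFFFFF && !(entry->ip.invflags & IPT_INV_SRCIP)`. The return value of inet_ntop() is not checked either, and `memset(addr, 0, 64)` repeats the array size where `sizeof(addr)` would follow it. The function body starts and ends outside the hunk, so the loop around this code is not visible here.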
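Review bot: In the rhost.c hunk at -307,9 (rule), `srcIp` is read uninitialised when inet_pton() rejects `buffer`, because the call's return value is ignored and the variable has no initialiser. The call passes `0` for the other address, which suggests zero means "any"; a garbage or zero source on a DROP rule for INPUT/tcp could then block unrelated hosts or all inbound TCP, including the administrator's own session. I would gate the insert on a successful parse: `unsigned int srcIp = 0;` followed by `if (inet_pton(AF_INET, buffer, &srcIp) == 1)` in front of the iptc_add_rule() call, and log the rejected string otherwise. The result of iptc_add_rule() is also dropped, so a failed insert goes unnoticed. The function starts and ends outside the hunk, so where `buffer` comes from is not visible here.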
@@ -334,10 +334,32 @@ static void sig_child(int signo)
 return;
 }
+static int get_executable_path(char *processdir, char *processname, int len)
+{
+ char *filename;
+ if (readlink("/proc/self/exe", processdir, len) <= 0)
+ return -1;
+ filename = strrchr(processdir, '/');
+ if (filename == NULL)
+ return -1;
+ ++filename;
+ strcpy(processname, filename);
+ *filename = '\0';
+ return (int)(filename - processdir);
+}
+
 int main(int argc, char *argv[], char **env)
 {
+ char path[BUFFER] = { 0 };
+ char executable_filename[BUFFER] = { 0 };
+ (void)get_executable_path(path, executable_filename, sizeof(path)); 
+
+ strcat(executable_filename, ".conf");
+ strcat(path, executable_filename);
+
+
 conf *conf = (struct CONF *)malloc(sizeof(struct CONF));
- read_conf("rhost.conf", conf);
+ read_conf(path, conf);
 //ptintf_conf(conf);
 // 新版本获取公网IP