Hi all. I think this iis possible according to my interpretation of the iptables manpage, however I am not sure. Is it possible to write one rule for the input chain to let's say, log all icmp-echo-reply packets, and then another rule for the input chain that drops the icmp-echo-reply packets? I think this is possible, since as far as I know every packet travels through the desired chain (s) until a rule or set of rules is encountered for the packet (s)? -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ .
