After looking more into this, it seems that checkentry is called for every rule up to and including the one I added. For example, if give each a unique ID and outputs the id, then the first three -A give me: First -A: 0 Second -A: 0 1 Third -A: 0 1 2 And so forth. If I instead use -I, the new rule is printed first. -Kristian -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
