Florian Westphal <fw@xxxxxxxxx> wrote: > Jann Haber <jann.haber@xxxxxxxxxx> wrote: > > while it is loading. When I put the same rules all in one file and load > > it, I can see all packets of a ping pass with no problem. > > Hmm, that doesn't work for me, but I do see the 'ping loss'. > I suspect its the 'drop' policy, combined with too early wire-up > of the base chain. Addendum: if i am right, you can work around the hiccups by using a final drop rule + 'policy accept'.
