El Sáb 11 Ene 2003 23:58, Mattia Martinello escribió: If I am not wrong, chains are read sequentially. If you say first: > iptables -A LOG_DROP -j DROP and then you add "new" rules to your firewall script: > iptables -A LOG_DROP -s 192.168.1.0/24 -d 192.168.1.254/255.255.255.255 > -j ACCEPT > iptables -A LOG_DROP -s 192.168.1.254/255.255.255.255 -d 192.168.1.0/24 > -j ACCEPT it wont work, because everything before the DROP rule will NOT be parsed. I'm my particular case, I should "insert" those rules you want to be accepted before de DROP one. That's why I set my LOG and DROP rules in the last lines of the script. Please, correct me if I am in mistake, and sorry my bad english. Regards. -Miguel Angel Baeyens KeyID: 0x6FB7A511 en rediris.es
