How about: iptables -N good-ips iptables -A good-ips -s 192.168.43.1 -j RETURN iptables -A good-ips -s 192.168.43.2 -j RETURN iptables -A good-ips -j LOG and add: iptables -A INPUT -j good-ips in the appropriate place. -----Original Message----- From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx]On Behalf Of Keller Nicolas Sent: Tuesday, April 15, 2003 10:29 AM To: netfilter@xxxxxxxxxxxxxxxxxxx Subject: Multiple Source Addresses Hi! I want to log every packet that *doesn't* come from IP1 and IP2 (because these two hosts should be the only one that communicate with the Firewall). Up to now I couldn't figure out a way to do this, as it is NOT possible to include multiple source addresses in one line, like this: iptables -A INPUT -s !192.168.43.1 !192.168.43.2 -j LOG Anyone can show me a way to get this to work? Thank you very much! Nicolas Keller
