On Thu, 30 Oct 2003, David C. Hart wrote: > I've read the tutorial but a couple of doubts linger. > > 1. Since I'm only logging rejected packets, any suggestions on getting > name resolution into the log? you don't need to log only rejected packets. logging represents a "non-terminating" rule. you can log packets and they will continue to be processed by subsequent rules until you decide what you want to do with them. rday
