On Tuesday 29 June 2004 3:08 pm, Antony Stone wrote:
> On Tuesday 29 June 2004 2:49 pm, Richard Gutery wrote:
> > Stop macro:
> > $IPT -N LD
> > $IPT -A LD -j LOG
> > $IPT -A LD -j DROP
>
> That has me really confused. I was expecting you to say that $STOP
> expanded to the word DROP, or some other valid target for the -j option on
> the netfilter command line.
>
> > $STOP=LD (LD = Log and Drop)
>
> I don't quite see how you can use this after -j on an iptables rule,
> however...
Okay, having thought about it a little more I do now see that this should
work:
LD is a user-defined chain which simply LOGs, then DROPs, everything entering
it, and therefore "-j $STOP" is the same as "-j LD".
I got confused by thinking you meant that the $STOP macro expanded to three
lines (!) - now I see that's not quite what you meant....
Regards,
Antony.
--
Abandon hope, all ye who enter here.
You'll feel much better about things once you do.
Please reply to the list;
please don't CC me.
