Daniel Dvořák írta:
$ipt -P logdrop ACCEPT
Policy is not supported on non built-in chains...
$ipt -F INPUT
$ipt -F OUTPUT
See below..
$ipt -F -t nat
$ipt -F -t mangle
Okay...
$ipt -F logdrop
Use this:
$ipt -F -t filter
$ipt -F -t raw
$ipt -X logdrop
not needed...
$ipt -N logdrop
$ipt -A logdrop -j LOG --log-prefix "logdrop"
$ipt -A logdrop -j DROP
...
$ipt -t mangle -A POSTROUTING -p tcp --dport 25 -j logdrop ... for
example
It is not a good idea to drop packets in other than the filter table...
But if you want to do that then declare the logdrop chain in the mangle
table !!!
$ipt -t mangle -N logdrop
$ipt -t mangle -A logdrop .....
Swifty
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
