Hi, You should remove -m state --state NEW statements because they track only START of connections. 2008/8/1, linuxmc@xxxxxxxxx <linuxmc@xxxxxxxxx>: > echo "Rule 9 (global)" > $IPTABLES -N RULE_9 > $IPTABLES -A INPUT -m mac --mac-source 00:1B:38:B1:9A:57 -m state --state NEW -j RULE_9 > $IPTABLES -A INPUT -m mac --mac-source 00:0E:A6:C1:4E:18 -m state --state NEW -j RULE_9 > $IPTABLES -A FORWARD -m mac --mac-source 00:1B:38:B1:9A:57 -m state --state NEW -j RULE_9 > $IPTABLES -A FORWARD -m mac --mac-source 00:0E:A6:C1:4E:18 -m state --state NEW -j RULE_9 > $IPTABLES -A RULE_9 -j LOG --log-level info --log-prefix "RULE 9 -- ACCEPT " > $IPTABLES -A RULE_9 -j ACCEPT -- Best regards Anatoly Muliarski -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
