On 10/23/2008 7:38 PM, Joey wrote:
Great catch I totally missed that in my code that builds the save file.
That has been corrected.
http://web56.net/iptables-save.cfg
this is the result of iptables-save http://web56.net/iptables-save-output
Thanks!
Forgive me if I think something /REALLY/ weird is going on.
I have looked through both your iptables-save.cfg and your
iptables-save-output (which don't match each other) and I'm stumped.
I've noticed that both your iptables-save.cfg and your
iptables-save-output files have lines that appear to be in a different
(alphabetical(?)) order than the packets passed through your kernel.
Please flush all your tables / chains to kernel defaults and then apply
your config file and then provide an iptables-save output again. Also,
please provide the output of this command "iptables -t filter -L -n -v -x".
I /REALLY/ fell like there is something unknown to you that is outside
of what you have presented to us. I have no idea what it is.
Do you realize that you are jumping to your "fail2ban-postifx" chain to
immediately RETURN to the chain that you jumped from?
Also, you are not using your "fail2ban-postfix-log" chain at all.
Grant. . . .
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
