Re: proper logging and dropping

netfilter-owner@xxxxxxxxxxxxxxx wrote:
Good evening,

I currently have the following macro.

/sbin/iptables -N LOGDROP
/sbin/iptables -A LOGDROP -i wlan0 ! -s 10.0.0.2 -j LOG --log-level info
/sbin/iptables -A LOGDROP -j DROP
/sbin/iptables -A INPUT -i wlan0 -s 58.102.198.29/255.255.255.0 -j LOGDROP

What I really want to do is log address and excluding certain subnets, and address, but drop others on offending networks. So I want to log addresses to wlan0 whose source address is not 10.0.0.2, but drop subnets which I exclude.

What is the best way to do this?

 Thanks

Chip


If I get your question right:

$IPT -N LOGDROP
$IPT -A LOGDROP -s 10.0.0.2 -j RETURN
$IPT -A LOGDROP -j LOG --log-level INFO
$IPT -A LOGDROP -j DROP

$IPT -A INPUT -i wlan0 -s 10.0.0.0/24 -j LOGDROP
$IPT -A INPUT -i wlan0 -s 58.102.198.29/24 -j LOGDROP
...

Regards

Mart
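
The following is an added example, not part of the original thread: a simplified first-match model of the INPUT and LOGDROP rules from the reply, showing which sources end up logged and dropped and what RETURN does to 10.0.0.2. The function names, the sample packets and the default INPUT policy of ACCEPT are assumptions; the thread does not state the policy.

```python
# Added illustration: simplified first-match walk of the reply's rules, not netfilter itself.
from ipaddress import ip_address, ip_network

# LOGDROP chain from the reply: (source match, or None for "any", target)
LOGDROP = [
    ("10.0.0.2/32", "RETURN"),
    (None, "LOG"),    # non-terminating: traversal continues after logging
    (None, "DROP"),
]

# INPUT rules from the reply: (in-interface, source, target)
# strict=False mirrors iptables masking 58.102.198.29/24 down to 58.102.198.0/24.
INPUT = [
    ("wlan0", "10.0.0.0/24", "LOGDROP"),
    ("wlan0", "58.102.198.29/24", "LOGDROP"),
]

def src_matches(src, spec):
    return spec is None or ip_address(src) in ip_network(spec, strict=False)

def walk_logdrop(src):
    """Return (logged, verdict); verdict is 'DROP' or 'RETURN'."""
    logged = False
    for spec, target in LOGDROP:
        if not src_matches(src, spec):
            continue
        if target == "LOG":
            logged = True
        else:
            return logged, target
    return logged, "RETURN"  # falling off a user chain behaves like RETURN

def walk_input(iface, src, policy="ACCEPT"):
    """Return (logged, final verdict). `policy` is an assumed chain policy."""
    logged = False
    for rule_if, spec, target in INPUT:
        if iface != rule_if or not src_matches(src, spec):
            continue
        was_logged, verdict = walk_logdrop(src)
        logged = logged or was_logged
        if verdict == "DROP":
            return logged, "DROP"
        # RETURN: resume INPUT at the rule after the jump
    return logged, policy

if __name__ == "__main__":
    # Constructed sample packets: (interface, source address)
    for pkt in [("wlan0", "10.0.0.2"), ("wlan0", "10.0.0.7"), ("wlan0", "192.0.2.10")]:
        print(pkt, walk_input(*pkt))
```

In this model 10.0.0.2 is neither logged nor dropped by LOGDROP; its fate is decided by whatever follows in INPUT, here the assumed chain policy.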
