Hi All, I have a very basic question. I am updating an active response script for OSSEC that add DROP rules. I added rules to log packets being dropped: Ex for IP 1.1.1.1 iptables -I INPUT -s 1.1.1.1 -m limit --limit 1/sec -j LOG --log-prefix OSSEC-HIDS --log-level 7 (rule added) iptables -I INPUT -s 1.1.1.1 -j DROP (original rule) It doesn't log, it actually logs if I only run the first rule, as soon as I run the DROP rule, it DROP packets indeed, but it won't log anymore. Thanks David ROBERT http://blog.ombrepixel.com/ -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
