Which is why I always use all-lowercase for userchains. No chance of a mixup with TARGETs (they are always all-uppercase). Rgds, On 2011-03-19, Rob (lists) <lists@xxxxxxxxxxxxxxx> wrote: >> > If I change the LOG_ACCEPT to ACCEPT, strangely SSH starts working. >> >> Not so strange to me. Using the ACCEPT target, you're >> actually ACCEPTing the packet(s) whereas LOG_ACCEPT doesn't >> (do anything). > > Maybe this isn't clear. > ACCEPT is a final target: the packet will be accepted and that's that. > LOG_ACCEPT is a userdefined chain, not a target, but you can send > packets matching a rule to such chain for further processing. You should > add rules to this chain that tell Netfilter what to do with a packet; if > the chain is empty, nothing will be done. The packet will not be > accepted, simply because the chain is called 'LOG_ACCEPT'. > > > -- Rob > > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- -- Pandu E Poluan - IT Optimizer My website: http://pandu.poluan.info/ -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html