On Saturday, January 18, 2014 11:01:11 PM Phil Oester wrote: > Yes, don't use -I to insert the limit rules at the very top of the INPUT > chain. But if you insist upon doing so, exempt your LAN from the rules > by adding "-s ! 199.x.x.x/22" to the two recent rules. Or "! -s 199.x.x.x/22" since 'infix' notation has been removed from recent versions of iptables. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
