On Tue, 12 Aug 2003 06:49:21 -0400 (EDT), Tom Diehl wrote > On Tue, 12 Aug 2003, jdow wrote: > > > Rules are executed "top down". So packets logged in an early rule and > > then rejected in a later rule get both logged and rejected. And I did > > somewhat misread the list. It looks like you want to both log and reject > > the 0:1023 material so you could -j REJECT -j LOG in a single rule, I > > believe. > > I think you must to do it in a single rule. As I understand how > iptables works first match wins and no further processing on a > particular packet is done. > > Am I missing something here?? Not with -j LOG. I have several two step rules, iptables -I INPUT ... -j DROP iptables -I INPUT same stuff -j LOG the log is done first, then the drop and further processing stops. -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
