** Reply to message from jdow <jdow@xxxxxxxxxxxxx> on Tue, 12 Aug 2003 03:16:22 -0700 > Rules are executed "top down". So packets logged in an early rule and > then rejected in a later rule get both logged and rejected. And I did > somewhat misread the list. It looks like you want to both log and reject > the 0:1023 material so you could -j REJECT -j LOG in a single rule, I > believe. Please excuse my error. Negative. Only one jump target per rule. Best way to log and drop at once is to use a user-defined chain. Here is how the author of Firestarter does it: # Create a new log and drop (LD) convenience chain. $IPT -N LD 2> /dev/null $IPT -F LD $IPT -A LD -j LOG $IPT -A LD -j DROP STOP=LD Then for every rule where you want to log and drop, just use the -j $STOP target. jb -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
