On Wednesday 19 July 2017 at 10:16:30, Walter H. wrote:
> I added these rules, and will see which packets are caught
>
> -A INPUT -m state --state INVALID -j LOG --log-prefix "IP[IN(invalid)]: "
> --log-level 7
> -A FORWARD -m state --state INVALID -j LOG --log-prefix "IP[FWD(invalid)]:
> " --log-level 7
> -A OUTPUT -m state --state INVALID -j LOG --log-prefix "IP[OUT(invalid)]:
> " --log-level 7
>
> and not by these after:
>
> -A INPUT -j LOG --log-prefix "IP[IN]: " --log-level 7
> -A FORWARD -j LOG --log-prefix "IP[FWD]: " --log-level 7
> -A OUTPUT -j LOG --log-prefix "IP[OUT]: " --log-level 7
Note that any packets caught by the first rules will *also* be caught by the
second rules (since there is no DROP in between, and the second rule does not
exclude INVALID), so don't be surprised when you see log entries from both
rules for the same packet.
Antony.
--
Python is executable pseudocode.
Perl is executable line noise.
Please reply to the list;
please *don't* CC me.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
