[CentOS] Simple IPTABLES Question
Kenneth Porter
shiva at sewingwitch.comWed Aug 20 00:04:14 UTC 2008
- Previous message: [CentOS] About fetchmail
- Next message: [CentOS] Simple IPTABLES Question
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
--On Tuesday, August 19, 2008 10:15 AM -0500 David Dyer-Bennet <dd-b at dd-b.net> wrote: > That's the right general approach; duplicate the drop rule but with a LOG > target and appropriate logging parameters. Another approach is to create a subchain that just logs and drops (no match rules), and in your main chain you match on the desired packet and jump to the subchain. That eliminates the need to maintain the same match in two places, and reduces the number of rules a non-dropped packet has to pass through.
- Previous message: [CentOS] About fetchmail
- Next message: [CentOS] Simple IPTABLES Question
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list