iptables isn't blocking IP
Kevin Old
kevinold at gmail.com
Fri Jan 21 15:29:47 UTC 2005
On Fri, 21 Jan 2005 16:11:57 +0100, Alexander Dalloz <ad+lists at uni-x.org> wrote:
> Am Fr, den 21.01.2005 schrieb Kevin Old um 16:02:
>
> > Yes, I have a chain called "OC", and no, I don't have anything in my
> > input chain that calls the "OC" chain. I wasn't aware that I needed
> > to call the "OC" chain from my input chain.
> >
> > Can you provide syntax of how I might do this?
>
> > Kevin
>
> From the default Fedora Core iptables setup (/etc/sysconfig/iptables):
>
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> :RH-Firewall-1-INPUT - [0:0]
> -A INPUT -j RH-Firewall-1-INPUT
> -A FORWARD -j RH-Firewall-1-INPUT
> -A RH-Firewall-1-INPUT -i lo -j ACCEPT
> [...]
>
> You see how the INPUT chain jumps to target RH-Firewall-1-INPUT chain,
> which would be in your case "OC".
I think so. So, I'd issue the command:
/sbin/iptables -A INPUT -j OC
and OC would be appended to the INPUT chain. Correct?
I'm not wanting to replace the INPUT chain, but only just keep rules I
add in chain OC (to sort of organize the rules). Does the above do
that?
Thanks,
Kevin
---
Kevin Old
kevinold at gmail.com
More information about the users
mailing list