On Sunday, 13.02.2005 at 10:58 +0100, Jimmy B wrote: > Hey list! > I'm just starting to learn about iptables and wonder about user-defined > chains. I've read some HOW-TO's and many seem to use them quite alot. > But it seems to me it would be easier not to, what is the advantage with > user-dined chains? It seems to me that the default ones would be enough. > Any hints? Or directions to good resources on the subject? It makes some things easier. For example, whenever I drop anything, I also want to log the fact that I have dropped it. So, I have a chain called DROPLOG. This sends some logging info to syslog, then does a DROP. In this way, whenever I get to a place where I would normally do a DROP, I send the packets to DROPLOG instead ... Dave. -- Dave Ewart - davee@sungate.co.uk - jabber: davee@jabber.org All email from me is now digitally signed, key from http://www.sungate.co.uk/ Fingerprint: AEC5 9360 0A35 7F66 66E9 82E4 9E10 6769 CD28 DA92
Attachment:
signature.asc
Description: Digital signature