Hi,
> The matching iptables on my PC are,
>
> -A INPUT -p tcp -m mac --mac-source 00:13:49:05:FE:27 -m tcp --dport 25 -j LOG --log-prefix "__MAIL__" --log-level 7
>
> -A INPUT -p tcp -m mac --mac-source 00:13:49:05:FE:27 -m tcp --dport 25 -j ACCEPT
>
> and i'd like the kernel to leave the processing chain here, since
> else the same stuff gets logged as general 'hit' a second time.
> How can i do that ?

what you clearly want is connection tracking, and not logging each packet,
but this is wonderfully described in the netfilter howto.

http://www.netfilter.org/documentation/index.html#documentation-howto

and the basic idea to get nice firewall logs is

- chain which allows everything which was allowed before
- chain which allows something
- chain which allows something
. . .
- chain which logs
- chain which rejects

for home and office use you can also try to do it by interface..

- chain which allows everything which was allowed before
- interface external
  - chain which allows something
  - chain which allows something
  - ...
  - log/reject everything from that interface
- interface internal
  - chain which allows something
  - chain which allows something
  - ...
  - log/reject everything from that interface

--
Florian Reitmeir
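
The layout described in the reply above, as an added example that is not part of the original message: a shell function that emits an iptables-restore ruleset in which tracked connections are accepted first, only the first packet of a mail connection is logged, and everything left over is logged once and rejected. The MAC address, port and "__MAIL__" prefix come from the quoted rules; the chain names MAIL_IN and LOG_REJECT, the "__REJECT__" prefix, the loopback rule and the chain policies are assumptions made for the example.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset following the chain order
# from the reply. MAIL_IN and LOG_REJECT are made-up chain names.

build_ruleset() {
    mac="$1"    # source MAC allowed to reach the mail port
    port="$2"   # TCP destination port (25 in the quoted rules)
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:MAIL_IN - [0:0]
:LOG_REJECT - [0:0]
# 1. everything which was allowed before: accepted without logging,
#    so packets of a known connection never reach a LOG rule
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
# 2. chains which allow something: only the packet that opens a
#    connection (state NEW) gets this far
-A INPUT -p tcp -m conntrack --ctstate NEW -m mac --mac-source $mac -m tcp --dport $port -j MAIL_IN
# 3. whatever no allow chain accepted: log, then reject
-A INPUT -j LOG_REJECT
# MAIL_IN: LOG does not end traversal, the ACCEPT after it does
-A MAIL_IN -j LOG --log-prefix "__MAIL__" --log-level 7
-A MAIL_IN -j ACCEPT
-A LOG_REJECT -j LOG --log-prefix "__REJECT__" --log-level 7
-A LOG_REJECT -j REJECT
COMMIT
EOF
}

# Print the ruleset for the values in the quoted rules.
build_ruleset 00:13:49:05:FE:27 25
```

The output can be piped to `iptables-restore --test` to have it parsed without being committed.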

