Hello, I have 2 questions if that's OK.

INPUT DROP
FORWARD DROP
OUTPUT DROP

-N Block
-N Logger
-A INPUT -j Block
-A Block -p tcp -m tcp --tcp-flags SYN,FIN SYN,FIN -j Logger
-A Logger -j LOG --log-level 4
-A Logger -j DROP

-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

There will be more rules in Block, but I just want to understand the logic.

1.) How is -A INPUT -j Block possible before there are any rules appended to 
Block? Does that mean iptables first searches and assembles all rules that 
belong to custom chains regardless of order? Same for Logger.

2.) Would this be OK to log and drop all rules in Block?
I am worried because there are four jumps: INPUT -> Block -> Logger -> LOG -> 
Logger -> DROP

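
Added example, not part of the original post: a simplified Python model of how a packet walks the rules quoted above, showing the INPUT -> Block -> Logger path and what happens to packets that Block does not match. It assumes standard iptables semantics (a jump is resolved by chain name when the packet is evaluated, LOG is non-terminating, ACCEPT and DROP are terminating, the end of a user-defined chain returns to the caller, and the built-in chain's policy applies last); the function names and sample packets are constructed for illustration.

```python
# Simplified model of filter-table traversal for the ruleset in the post.
RULES = {  # chain name -> ordered list of (match predicate, target)
    "INPUT": [
        (lambda p: True, "Block"),                      # -A INPUT -j Block
        (lambda p: p["iface"] == "lo", "ACCEPT"),       # -A INPUT -i lo -j ACCEPT
    ],
    "Block": [  # --tcp-flags SYN,FIN SYN,FIN: both flags must be set
        (lambda p: p["proto"] == "tcp" and {"SYN", "FIN"} <= p["flags"], "Logger"),
    ],
    "Logger": [
        (lambda p: True, "LOG"),                        # -A Logger -j LOG
        (lambda p: True, "DROP"),                       # -A Logger -j DROP
    ],
}
POLICY = {"INPUT": "DROP"}

def walk(chain, pkt, trace):
    """Return a final verdict, or None if the chain ends without one."""
    trace.append(chain)
    for match, target in RULES[chain]:
        if not match(pkt):
            continue
        if target == "LOG":            # non-terminating: log, then next rule
            trace.append("LOG")
            continue
        if target in ("ACCEPT", "DROP"):
            trace.append(target)
            return target
        result = walk(target, pkt, trace)   # jump: chain looked up by name now
        if result is not None:
            return result
        trace.append("return to " + chain)  # user chain ended, resume caller
    return None

def evaluate(pkt):
    """Walk INPUT and fall back to its policy; returns (verdict, trace)."""
    trace = []
    result = walk("INPUT", pkt, trace)
    if result is None:
        result = POLICY["INPUT"]
        trace.append("policy " + result)
    return result, trace

# Constructed sample packets
SYNFIN = {"iface": "eth0", "proto": "tcp", "flags": {"SYN", "FIN"}}
LOCAL = {"iface": "lo", "proto": "tcp", "flags": {"SYN"}}

if __name__ == "__main__":
    for pkt in (SYNFIN, LOCAL):
        print(evaluate(pkt))
```

In this model a SYN+FIN packet arriving on lo is also logged and dropped, because the jump to Block sits ahead of the loopback ACCEPT rule in INPUT.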