> I can't see any dropped packet in this chain. > > $IPTABLES -A INPUT -f -j DROP Me too, i guess it is broken. I have put -f rules in INPUT, PREROUTING in nat table. And then bombed myself from a different host with fragments. And no logs were recorded.
Is it a bug? or am i dumb? i even tried -p tcp -f, as i thought that it may need more explicit rules. Regards, Maciej Soltysiak
