[squid-users] Packets logged as blocked even Firewall (IPtables) accepts them ...

Walter H. walter.h at mathemainzel.info
Wed Jul 19 09:40:36 UTC 2017


On Wed, July 19, 2017 11:31, Antony Stone wrote:
> On Wednesday 19 July 2017 at 10:16:30, Walter H. wrote:
>
>> I added these rules, and will see which packets are caught
>>
>> -A INPUT -m state --state INVALID -j LOG --log-prefix "IP[IN(invalid)]: " --log-level 7
>> -A FORWARD -m state --state INVALID -j LOG --log-prefix "IP[FWD(invalid)]: " --log-level 7
>> -A OUTPUT -m state --state INVALID -j LOG --log-prefix "IP[OUT(invalid)]: " --log-level 7
>>
>> and not by these after:
>>
>> -A INPUT -j LOG --log-prefix "IP[IN]: " --log-level 7
>> -A FORWARD -j LOG --log-prefix "IP[FWD]: " --log-level 7
>> -A OUTPUT -j LOG --log-prefix "IP[OUT]: " --log-level 7
>
> Note that any packets caught by the first rules will *also* be caught by the
> second rules (since there is no DROP in between, and the second rule does not
> exclude INVALID),

How would I exclude INVALID in the second rules?
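
The behaviour discussed above, as an added example that is not part of the original post: a small Python model of chain traversal run over constructed rules in iptables-save syntax. It shows that LOG does not end traversal, and that negating the state match (`-m state ! --state INVALID`) on the catch-all rule keeps INVALID packets out of it. The function names and the simplified traversal model are assumptions of this example.

```python
import shlex

# Constructed rule sets in iptables-save syntax, modelled on the rules in this thread.
ORIGINAL = '''
-A INPUT -m state --state INVALID -j LOG --log-prefix "IP[IN(invalid)]: " --log-level 7
-A INPUT -j LOG --log-prefix "IP[IN]: " --log-level 7
'''
# Assumed fix: negate the state match on the catch-all LOG rule.
EXCLUDING = '''
-A INPUT -m state --state INVALID -j LOG --log-prefix "IP[IN(invalid)]: " --log-level 7
-A INPUT -m state ! --state INVALID -j LOG --log-prefix "IP[IN]: " --log-level 7
'''

def parse(ruleset):
    """Parse the small subset of rule syntax used above into dicts."""
    rules = []
    for line in ruleset.strip().splitlines():
        tok = shlex.split(line)
        rule = {"chain": tok[1], "states": None, "negate": False,
                "target": tok[tok.index("-j") + 1], "prefix": ""}
        if "--state" in tok:
            i = tok.index("--state")
            rule["states"] = set(tok[i + 1].split(","))
            rule["negate"] = tok[i - 1] == "!"
        if "--log-prefix" in tok:
            rule["prefix"] = tok[tok.index("--log-prefix") + 1]
        rules.append(rule)
    return rules

def logged_prefixes(ruleset, chain, state):
    """Walk the chain for one packet and return every LOG prefix it triggers."""
    hits = []
    for rule in parse(ruleset):
        if rule["chain"] != chain:
            continue
        if rule["states"] is not None:
            matched = state in rule["states"]
            if matched == rule["negate"]:
                continue  # state match (after optional negation) failed
        if rule["target"] == "LOG":
            hits.append(rule["prefix"])  # LOG is non-terminating: keep walking
        else:
            break  # simplification: any other target ends traversal
    return hits

if __name__ == "__main__":
    for name, rs in (("original", ORIGINAL), ("excluding", EXCLUDING)):
        for state in ("INVALID", "NEW"):
            print(name, state, logged_prefixes(rs, "INPUT", state))
```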