When I have a set of rules for ipfw, it reads the rules in
numeric order (they are numbered) and after the first
match it stops reading and executes that rule.
It means the "drop all" rule must be the last.
In iptables you can put it first and the rules will be read till
the end. If later an ACCEPT-rule is found for a packet,
how does iptables decide which rule will be dominant?
I sincerely miss a numbering system on iptables.
It would make it much faster to correlate rules from
"iptables -L" with the ones written in the config file :-/
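
The rule-ordering question above, as an added example that is not part of the original post: a simplified model of in-order traversal of a single chain, where the first matching rule with a terminating target (ACCEPT or DROP) decides the packet and the chain policy applies only if nothing matches, plus a check for rules that an earlier rule makes unreachable. The rule tuples, addresses and function names are constructed for illustration; jumps, non-terminating targets and match options other than source network and destination port are not modelled.

```python
from ipaddress import ip_address, ip_network

# Constructed chain, in list order: (source CIDR, dest port or None for any, target).
CHAIN = [
    ("0.0.0.0/0", None, "DROP"),       # "drop all" placed first
    ("192.0.2.0/24", 22, "ACCEPT"),
    ("0.0.0.0/0", 80, "ACCEPT"),
]


def matches(rule, src, dport):
    """True if a packet with this source address and destination port hits the rule."""
    net, port, _target = rule
    return ip_address(src) in ip_network(net) and port in (None, dport)


def evaluate(chain, src, dport, policy="ACCEPT"):
    """Return (rule_number, target); rule_number is None when the chain policy decided."""
    for num, rule in enumerate(chain, start=1):
        if matches(rule, src, dport):
            return num, rule[2]          # terminating target: traversal stops here
    return None, policy


def covers(a, b):
    """True if rule a matches every packet that rule b matches."""
    same_or_any_port = a[1] is None or a[1] == b[1]
    return ip_network(b[0]).subnet_of(ip_network(a[0])) and same_or_any_port


def shadowed(chain):
    """Return (later_rule, earlier_rule) pairs where the later rule can never fire."""
    pairs = []
    for j, later in enumerate(chain, start=1):
        for i, earlier in enumerate(chain[: j - 1], start=1):
            if covers(earlier, later):
                pairs.append((j, i))
                break
    return pairs


if __name__ == "__main__":
    print(evaluate(CHAIN, "192.0.2.10", 22))   # decided by rule 1
    print(shadowed(CHAIN))                     # rules 2 and 3 are unreachable
    reordered = CHAIN[1:] + CHAIN[:1]          # same rules, "drop all" moved last
    print(evaluate(reordered, "192.0.2.10", 22), shadowed(reordered))
```

The rule numbers returned here are list positions, which is the same numbering `iptables -L --line-numbers` prints next to each rule.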