13 May
2011
13 May
'11
6:41 p.m.
On May 13, 2011, at 3:33 PM, Jeroen van Aart wrote:
Owen DeLong wrote:
On May 13, 2011, at 2:32 PM, Jeroen van Aart wrote:
-I FORWARD -j DROP -I FORWARD -s 2001:db8::/64 -j ACCEPT -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
I thought iptables processed rules in order until it found a match. In such a case, wouldn't you want those in the reverse order?
I think hat's the case with -A, but with -I the above is the right order. Or at least it works here.
DOH! Arcane syntax failure on the part of my brain's parser. Of course if you are Inserting rather than Appending. Owen