On Wed, Oct 23, 2002 at 06:52:38AM +0300, [EMAIL PROTECTED] wrote:
> Hei
>
> Doesn't seem to work that way. Seems that all ping requests are logged - a
> bit
> irritating as I have a friend who often leaves ping running and goes and
> does other stuff when he is testing the connection to this machine and the
> logs get even more boring to read than normal.
>
> Am I missing something?
Hello all again
I have to apologise for the letter I wrote earlier. As I walked
to the bus-stop on my way to work I realised what I had done
wrong.
Near the very top of the fw is the following:
$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Thus anything that is part of a connection will be accepted. The first
packet will hit the rule:
$IPT -A INPUT -p icmp -s 0/0 --icmp-type 8 -m limit --limit 3/minute -j LOG
--log-prefix "ping"
but all the following packets will never get to that rule but will
be accepted because they are part of an 'ESTABLISHED' connection.
Sorry!
t.irvine
