On Saturday 13 April 2002 8:49 am, sixx wrote:
> Hi there,
>
> Actually what I want is this
>
> if (port !=22 | port !=80 | port != 110 ...) {
> log;
> }
The standard meaning of the symbol | is "or", so the above expression will
log everything!
I assume you meant to say "and" (usual symbol &), and that's exactly what
David's solution will do for you:
> > You should do something like:
> >
> > -A NORMPORTS -p tcp --sport 22 -j ACCEPT
> > -A NORMPORTS -p tcp --sport 110 -j ACCEPT
> > -A NORMPORTS -p tcp --sport 80 -j ACCEPT
> > (by this point your "normal" traffic is all accepted, and will not hit
> > the next rule)
> > -A NORMPORTS -p tcp -j LOG --log-prefix "TCP, not port 22/110/80"
> >
> > David.
The logical constructions:
if (port==22) { accept; }
elsif (port==80) { accept; }
elsif (port==110) { accept; }
else { log; }
and
if (port != 22 & port != 80 & port != 110) { log; }
are equivalent.
Try it and see.
Hope this helps.
Antony.
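
Added example, not part of the original message: a small Python model of first-match traversal through the NORMPORTS chain quoted above, checked against both forms of the condition for every possible source port. The rule tuples and function names are constructed for illustration, and the model assumes only what the thread shows: ACCEPT ends traversal, LOG does not.

```python
# Added example: models first-match traversal of the NORMPORTS chain from the
# thread and compares it with the two boolean conditions discussed there.
# The rule tuples and function names are constructed for illustration.

# (source port to match, or None for "any tcp"; target), in chain order.
NORMPORTS = [
    (22, "ACCEPT"),
    (110, "ACCEPT"),
    (80, "ACCEPT"),
    (None, "LOG"),
]
TERMINATING = {"ACCEPT", "DROP", "REJECT"}  # LOG does not end traversal


def chain_logs(sport, chain=NORMPORTS):
    """Return True if a TCP packet with this source port reaches the LOG rule."""
    logged = False
    for match_port, target in chain:
        if match_port is not None and match_port != sport:
            continue            # rule does not match, try the next one
        if target == "LOG":
            logged = True       # non-terminating: note it and keep going
        elif target in TERMINATING:
            break               # verdict reached, later rules never see the packet
    return logged


def or_condition(port):
    """The condition as first written: true for every port."""
    return port != 22 or port != 80 or port != 110


def and_condition(port):
    """The condition as intended: true only for ports outside the list."""
    return port != 22 and port != 80 and port != 110


def compare():
    """Count how many of the 65536 ports each form would log."""
    ports = range(65536)
    return {
        "or_logs": sum(or_condition(p) for p in ports),
        "and_logs": sum(and_condition(p) for p in ports),
        "chain_logs": sum(chain_logs(p) for p in ports),
        "chain_equals_and": all(chain_logs(p) == and_condition(p) for p in ports),
    }


if __name__ == "__main__":
    print(compare())
```

Reordering the constructed chain so the LOG entry comes first makes chain_logs true for every port, which is why the ACCEPT rules have to precede the LOG rule.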