Okey, I got your point. Just to clarify it, in case some other reader didn't
got it.
iptables -A -> will add to the end of the chain
iptables -I (without rulenum) -> will add as the first entry on the chain
I just looked at the summary of the manpage, where it states:
iptables -[RI] chain rulenum rule-specification [options]
And not
iptables -[RI] chain [rulenum] rule-specification [options]
Maybe an update of the manpage is in order ?
On Wed, Mar 13, 2002 at 02:12:48PM -0300, Mauricio Pretto wrote:
> Its optional the rulenum
> Rodrigo Barbosa wrote:
> >On Mon, Mar 11, 2002 at 10:09:31AM +0100, Christian Gothe wrote:
> >>Geert Hauwaerts writes:
> >>
> >>>Add them in your firewall
> >>>iptables -A INPUT -i eth0 -s THERE_IP -j DROP
> >>>
> >>iptables -I INPUT -i eth0 -s THERE_IP -j DROP is the better choice in
> >>most iptables firewalls.
> >
> >Hummm, as far as I remember, -I requires a rulenum paramter.
> >Maybe you mean:
> >
> >iptables -I INPUT 1 -i eth0 -s THERE_IP -j DROP
--
Rodrigo Barbosa - rodrigob at tisbrasil.com.br
TIS - Belo Horizonte, MG, Brazil
"Quis custodiet ipsos custodes?" - http://www.tisbrasil.com.br/
Brainbench Certified -> Transcript ID #3332104
