LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Kernel page

Recent Features

LWN.net Weekly Edition for February 16, 2012

Book review: Open Advice

Linux support for ARM big.LITTLE

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Quotes of the week

[Posted March 18, 2009 by corbet]

That was added five or six years ago, and I never ever got to eat my hat.
-- Andrew Morton

Finally, with a lot of delay, I've just released the first full public version of my nftables code (including userspace), which is intended to become a successor to iptables. Its written from scratch and there are numerous differences to iptables in both features and design...
-- Patrick McHardy

I'm really fed up with these discussions. I have seen almost _zero_ critical thinking at all. Probably because anybody who is in the least doubtful about it simply has tuned out the discussion. So here's my input: start small, start over, and start thinking about other issues than just checkpointing.
-- Linus Torvalds seeks to restart the checkpoint discussion

(Log in to post comments)

iptables log and drop

Posted Mar 22, 2009 8:37 UTC (Sun) by dlang (✭ supporter ✭, #313) [Link]

it's trivial to setup iptables so that log and drop don't require seperate lines for every instance

iptables -A logdrop -j log
iptables -A logdrop -j drop

now everywhere you have a match that you want to both log and drop, just set it to use -j logdrop and it will jump to this short chain that does both.

Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds