question
Willis L. Sarka
wlsarka@the-republic.org
Mon, 29 Oct 2001 19:25:30 +0000 (GMT)
Quick question,
I have a ICMP chain, inspired by several examples, but I'd like to add a
catch-all log rule at the end logging anything that is not of ICMP type
0, 3, 8, or 11.
Here it is:
$IPT -N icmp_accepted
$IPT -A icmp_accepted -p icmp --icmp-type 0 -j ACCEPT
$IPT -A icmp_accepted -p icmp --icmp-type 3 -j ACCEPT
$IPT -A icmp_accepted -p icmp --icmp-type 8 -j ACCEPT
$IPT -A icmp_accepted -p icmp --icmp-type 11 -j ACCEPT
$IPT -A icmp_accepted -p icmp --icmp-type ! 0,3,8,11 -j LOG --log-prefix
"ICMP Type Not allowed: "
Is the last statement valid? Can I do this?
TIA,
Will