-A RH-Firewall-1-INPUT ! -s cnnp1.com -j LOG --log-prefix "IPTABLES: " -A RH-Firewall-1-INPUT ! -s cnnp2.com -j LOG --log-prefix "IPTABLES: "
This is potentially trickier than one might think (especially since using the rules uncombined should result in logging most packets twice, which I presume isn't what you want).
How do these rules fit in your general iptables config? (Are you logging all packets? accepted packets? rejected packets?
Also, are the IP addresses of cnnp1 and cnnp2 close to each other?
I think the only way to make this work correctly (presuming you can't collect the two hosts into a single VLSM specification) is to use multiple rulesets.
For example...
-A RH-Firewall-1-INPUT -s cnnp1.com -j NON-LOGGING -A RH-Firewall-1-INPUT -s cnnp2.com -j NON-LOGGING -A RH-Firewall-1-INPUT -j LOG --log-prefix "IPTABLES: " -A RH-Firewall-1-INPUT -j NON-LOGGING
Then put all your 'normal' rules into NON-LOGGING...
