On Fri, 21 Jan 2005 16:11:57 +0100, Alexander Dalloz <ad+lists@xxxxxxxxx> wrote: > Am Fr, den 21.01.2005 schrieb Kevin Old um 16:02: > > > Yes, I have a chain called "OC", and no, I don't have anything in my > > input chain that calls the "OC" chain. I wasn't aware that I needed > > to call the "OC" chain from my input chain. > > > > Can you provide syntax of how I might do this? > > > Kevin > > From the default Fedora Core iptables setup (/etc/sysconfig/iptables): > > *filter > :INPUT ACCEPT [0:0] > :FORWARD ACCEPT [0:0] > :OUTPUT ACCEPT [0:0] > :RH-Firewall-1-INPUT - [0:0] > -A INPUT -j RH-Firewall-1-INPUT > -A FORWARD -j RH-Firewall-1-INPUT > -A RH-Firewall-1-INPUT -i lo -j ACCEPT > [...] > > You see how the INPUT chain jumps to target RH-Firewall-1-INPUT chain, > which would be in your case "OC". I think so. So, I'd issue the command: /sbin/iptables -A INPUT -j OC and OC would be appended to the INPUT chain. Correct? I'm not wanting to replace the INPUT chain, but only just keep rules I add in chain OC (to sort of organize the rules). Does the above do that? Thanks, Kevin --- Kevin Old kevinold@xxxxxxxxx
