IPv6 gateway, was: Re: IPv6 foot-dragging

• Previous message (by thread): IPv6 gateway, was: Re: IPv6 foot-dragging
• Next message (by thread): IPv6 gateway, was: Re: IPv6 foot-dragging
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On May 13, 2011, at 3:33 PM, Jeroen van Aart wrote:

> Owen DeLong wrote:
>> On May 13, 2011, at 2:32 PM, Jeroen van Aart wrote:
> 
>>> -I FORWARD -j DROP
>>> -I FORWARD -s 2001:db8::/64 -j ACCEPT
>>> -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
>>> 
>> I thought iptables processed rules in order until it found a match. In such a case, wouldn't
>> you want those in the reverse order?
> 
> I think hat's the case with -A, but with -I the above is the right order. Or at least it works here.
> 

DOH! Arcane syntax failure on the part of my brain's parser.

Of course if you are Inserting rather than Appending.

Owen

• Previous message (by thread): IPv6 gateway, was: Re: IPv6 foot-dragging
• Next message (by thread): IPv6 gateway, was: Re: IPv6 foot-dragging
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]