nanog mailing list archives
Re: IPv6 gateway, was: Re: IPv6 foot-dragging
From: Jeroen van Aart <jeroen () mompl net>
Date: Fri, 13 May 2011 15:33:04 -0700
Owen DeLong wrote:
On May 13, 2011, at 2:32 PM, Jeroen van Aart wrote:
-I FORWARD -j DROP -I FORWARD -s 2001:db8::/64 -j ACCEPT -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPTI thought iptables processed rules in order until it found a match. In such a case, wouldn't you want those in the reverse order?
I think hat's the case with -A, but with -I the above is the right order. Or at least it works here.
-- http://goldmark.org/jeff/stupid-disclaimers/ http://linuxmafia.com/~rick/faq/plural-of-virus.html
Current thread:
- IPv6 gateway, was: Re: IPv6 foot-dragging Jeroen van Aart (May 13)
- Re: IPv6 gateway, was: Re: IPv6 foot-dragging Jeroen van Aart (May 13)
- Re: IPv6 gateway, was: Re: IPv6 foot-dragging Jeroen van Aart (May 13)
- Re: IPv6 gateway, was: Re: IPv6 foot-dragging Owen DeLong (May 13)
- Re: IPv6 gateway, was: Re: IPv6 foot-dragging Jeroen van Aart (May 13)
- Re: IPv6 gateway, was: Re: IPv6 foot-dragging Owen DeLong (May 13)
- Re: IPv6 gateway, was: Re: IPv6 foot-dragging Owen DeLong (May 13)
- Re: IPv6 gateway, was: Re: IPv6 foot-dragging Todd Lyons (May 16)
- Re: IPv6 gateway, was: Re: IPv6 foot-dragging Erik Muller (May 17)