* Patrick Hsieh ([EMAIL PROTECTED]) [020508 20:24]: > Hello, > > When I use -j DROPLOG in iptables, my woody complains: > iptables v1.2.6a: Couldn't load target > `DROPLOG':/lib/iptables/libipt_DROPLOG.so: cannot open shared object file: No > such file or directory > > Try `iptables -h' or 'iptables --help' for more information. >
I've never seen DROPLOG; it's some kind of extension, no? What I have seen people do is something like this: iptables -N logndrop iptables -A logndrop -j LOG iptables -A logndrop -j DROP and then use -j logndrop wherever they want to log and drop a packet. Personally, I don't find it too much trouble to specify 2 lines (a log and a drop) each time I want to discard a packet. It gives me the added benefit of specifying a separate --log-prefix for each place in my filter that things are dropped. good times, Vineet -- Currently seeking opportunities in the SF Bay Area Please see http://www.doorstop.net/resume.shtml
pgp6Pjsb9ucpL.pgp
Description: PGP signature
