clearchain $table:$chain
run ip46tables -t $table -A $chain -j LOG \
-m limit --limit 3/minute --limit-burst 10 \
- --log-prefix "fw: $chain " --log-level notice
+ --log-prefix "fw: $chain " --log-level notice || :
run ip46tables -t $table -A $chain -j "$@" \
-m limit --limit 20/second --limit-burst 100
run ip46tables -t $table -A $chain -j DROP
from=$(( $from + $bit ))
done
to=$(( ($netclassindex << $BIT_TO) ))
- tomask=$(( $MASK_MASK ^ (1 << ($netclassindex + $BIT_MASK)) ))
+ tomask=$(( $MASK_TO | $MASK_MASK ^ (1 << ($netclassindex + $BIT_MASK)) ))
trace "from $name --> set $(printf %08x/%08x $from $frommask)"
- trace " to $name --> and $(printf %08x/%08x $to $tomask)"
+ trace " to $name --> set $(printf %08x/%08x $to $tomask)"
## Now establish the mark-from-NAME and mark-to-NAME chains.
clearchain mangle:mark-from-$name mangle:mark-to-$name