Senhores,
Preciso incluir uma regra no "Chain Forward" antes do "fnospoof". Como posso fazer isso?
Já usei o firewall.postservice, mas as regras são adcionadas no final.
Chain FORWARD (policy DROP)
target prot opt source destination
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
fnospoof all -- anywhere anywhere
fredirects all -- anywhere anywhere
fmodules all -- anywhere anywhere
ffwdrules all -- anywhere anywhere
fnoexternal all -- anywhere anywhere
fdns all -- anywhere anywhere
fobjects all -- anywhere anywhere
fglobal all -- anywhere anywhere
ACCEPT icmp !f anywhere anywhere icmp echo-request state NEW
ACCEPT icmp !f anywhere anywhere icmp echo-reply state NEW
ACCEPT icmp !f anywhere anywhere icmp destination-unreachable state NEW
ACCEPT icmp !f anywhere anywhere icmp source-quench state NEW
ACCEPT icmp !f anywhere anywhere icmp time-exceeded state NEW
ACCEPT icmp !f anywhere anywhere icmp parameter-problem state NEW
fdrop all -- anywhere anywhere