only log if "log" option given

2015-05-18 15:50:15 +01:00
parent 173f4db0f9
commit 75cee0fdfe
1 changed files with 1 additions and 1 deletions
--- a/blacklist.sh
+++ b/blacklist.sh
@@ -111,7 +111,7 @@ for url in $urls; do
    # actually execute the set update
    ipset -! -q restore < "${new_set_file}"

-    if [ "$1" != "nolog" ]; then
+    if [ "$1" = "log" ]; then
        iptables -A ${blocklist_chain_name} -m set --match-set "${set_name}" src,dst -m limit --limit 10/minute -j LOG --log-prefix "BLOCK ${set_name} "
    fi
    iptables -A ${blocklist_chain_name} -m set --match-set "${set_name}" src,dst -j DROP