Ubuntu 22.04
I noticed that adding a single rule which only does logging:
sudo ip6tables -A OUTPUT -d xxxx::xxxx -j LOG -t nat
does not actually produce any logging. But when adding another rule (e.g. DNAT) after the LOG, it starts logging as expected:
sudo ip6tables -D OUTPUT -d xxxx::xxxx -j DNAT --to-destination yyyy::yyyy -t nat
Why does that happen? I consulted man iptables, but there's nothing specifying that non-terminating targets do not work if it is the only target within a chain or something like that.
Is this how ip6tables is expected to work (but not explicitly documented)?