From 0e9f4ded6cb33f4b50c06f7b9d632513952335d4 Mon Sep 17 00:00:00 2001
From: Bartosz Oleaczek <bartosz.oleaczek@nordsec.com>
Date: Tue, 17 Dec 2024 10:49:41 +0100
Subject: [PATCH] fix

---
 daemon/firewall/iptables/iptables.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/daemon/firewall/iptables/iptables.go b/daemon/firewall/iptables/iptables.go
index f17cd816..605652fa 100644
--- a/daemon/firewall/iptables/iptables.go
+++ b/daemon/firewall/iptables/iptables.go
@@ -107,7 +107,7 @@ func (ipt *IPTables) applyRule(rule firewall.Rule, add bool) error {
 		}
 		for _, ipTableRule := range ipTablesRules {
 			if !rule.Allow {
-				prefix := fmt.Sprintf("-j NFLOG --nflog-prefix \"LOG-pre-%s\"", rule.Name)
+				prefix := fmt.Sprintf("-j NFLOG --nflog-prefix \"LOG-post-%s\"", rule.Name)
 				log.Println(internal.DebugPrefix, "[iptables-debug], add rule: ", prefix)
 				logRule := strings.Replace(ipTableRule, "-j DROP", prefix, -1)
 				args := fmt.Sprintf("%s %s -w"+internal.SecondsToWaitForIptablesLock, flag, logRule)
@@ -128,7 +128,7 @@ func (ipt *IPTables) applyRule(rule firewall.Rule, add bool) error {
 			}
 
 			if !rule.Allow {
-				prefix := fmt.Sprintf("-j NFLOG --nflog-prefix \"LOG-post-%s\"", rule.Name)
+				prefix := fmt.Sprintf("-j NFLOG --nflog-prefix \"LOG-pre-%s\"", rule.Name)
 				log.Println(internal.DebugPrefix, "[iptables-debug], add rule: ", prefix)
 				logRule := strings.Replace(ipTableRule, "-j DROP", prefix, -1)
 				args := fmt.Sprintf("%s %s -w"+internal.SecondsToWaitForIptablesLock, flag, logRule)