[H-GEN] IPTables problem
Snowy Angeilque Maslov aka 'Snowpony'
snowy at snowy.org
Mon Jul 19 19:55:13 EDT 2004
Robert Brockway said the following on 20/07/2004 9:50 AM:
>From man iptables:
>
> -i, --in-interface [!] name
> Name of an interface via which a packet is going to
> be received (only for packets entering the INPUT,
> FORWARD and PREROUTING chains). When the "!" argu
> ment is used before the interface name, the sense
> is inverted. If the interface name ends in a "+",
> then any interface which begins with this name will
> match. If this option is omitted, any interface
> name will match.
>
> The + option links the rule to any matching interface so without the +
> option is must be specific to a particular interfaces (alias or not), or
> so goes my logic. I suppose this could be talking about eth+ rather than
> eth0+. I haven't tried this but I may indeed do so when I get the time.
It is indeed talking about eth+ and similar interfaces. This option is quite
commonly used on ppp interfaces since pppd may not always bind to a specific
ppp interface. Instead of reloading your firewall rules with the updated name
for the ppp interface you are using; a lot of people instead just use 'ppp+'.
Of course this only works if you normally only have a single ppp session on
that particular machine.
--
Snowy "Snowpony" Angelique Cerise Maslov -- http://snowy.org/email.signature
PGP (GnuPG) fingerprint = 5280 6EBC D281 A9D2 564B E274 B2EC 54C3 8325 CECD
Email not addressed/CCd to snowy at snowy.org BOUNCE. READ URL for disclaimer!
"Ignorance killed the cat, sir. Curiosity was framed." ---C.J. Cherryh
More information about the General
mailing list