Re: OT iptables question

From: Marty (martyb_at_ix.netcom.com)
Date: 09/05/05

    Date: Sun, 04 Sep 2005 18:57:58 -0400
    To: debian list <debian-user@lists.debian.org>
    
    

    Glenn English wrote:
    > I'm updating a RH ipchains packet filter script from the dim past to
    > iptables on Debian stable.
    >
    > I noticed that when I specified the network the host is on (by IP/mask),
    > the iptables listing called it "localnet." So I tried using localnet in
    > the rule, and iptables seems to take it, and the chain seems to work.
    > But I can't find any documentation about that keyword in man, in Rusty's
    > HTML dox, or with google (lots of talk about it, but no dox).
    >
    > Is localnet a legit iptables network specification or an undocumented
    > feature? What does it actually do (should I hang a CIDR mask on the end,
    > or would that be redundant)? If the host responds to several IPs, does
    > localnet cover them all? Or just eth0? How about eth0:1?
    >
    > It would be very handy because this script is to set filtering on all my
    > DMZ and LAN hosts (by switching on their hostnames and IPs). I know I
    > could just try it and see if it works, but this is to be the packet
    > filter on the DMZ, and I'd like to do it as rigorously as I can.
    >
    > TIA...
    >

    On my sarge system localnet seems to be defined in /etc/networks.
    Try "man networks". You might also try changing the network name there
    and see what happens.

    This raises another question for me: I don't understand why I cannot find
    this file using dlocate or apt-file, or even using the package search tool on
    debian.org.

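Added example, not part of the original message or of any Debian package: a shell lookup of a name such as localnet in a networks(5)-format file, plus a helper that pins the name to a numeric address before it goes into a rule. NETWORKS_FILE, resolve_net and pin_net are names made up for this example, and the prefix length is supplied by the caller because the file stores no mask.

```shell
#!/bin/sh
# Added example: look up a symbolic network name in a networks(5)-format file.
# Line format: official-name  network-number  [aliases...]; '#' starts a comment.
# NETWORKS_FILE is an assumption of this example so a test copy can be used.
NETWORKS_FILE="${NETWORKS_FILE:-/etc/networks}"

# resolve_net NAME: print the dotted-quad network number, return 1 if undefined.
resolve_net() {
    awk -v want="$1" '
        { sub(/#.*/, "") }                 # drop comments
        NF < 2 { next }                    # blank or incomplete line
        {
            for (i = 1; i <= NF; i++) {
                if (i == 2) continue       # field 2 is the number, not a name
                if ($i == want) {
                    n = split($2, o, ".")  # networks(5): trailing ".0" may be omitted
                    while (n < 4) o[++n] = 0
                    print o[1] "." o[2] "." o[3] "." o[4]
                    found = 1
                    exit
                }
            }
        }
        END { exit !found }
    ' "$NETWORKS_FILE"
}

# pin_net NAME PREFIXLEN: print NUMBER/PREFIXLEN for use in a rule, so the
# rule no longer depends on name resolution at load time. Fails closed when
# NAME is not defined, instead of handing an empty address to the rule.
pin_net() {
    net=$(resolve_net "$1") || { echo "undefined network name: $1" >&2; return 1; }
    echo "$net/$2"
}

# Constructed usage in a firewall script (the prefix length 24 is an assumption):
#   src=$(pin_net localnet 24) || exit 1
#   iptables -A INPUT -s "$src" -j ACCEPT
```
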
    
