* -s THIS ? (address belongs to one of of interfaces of local machine) ?
@ 2007-02-21 12:08 Yakov Lerner
2007-02-21 19:39 ` -s THIS ? (address belongs to one of of interfaces of local machine) Jim Laurino
2007-02-22 12:25 ` -s THIS ? (address belongs to one of of interfaces of local machine) ? Cedric Blancher
0 siblings, 2 replies; 3+ messages in thread
From: Yakov Lerner @ 2007-02-21 12:08 UTC (permalink / raw)
To: netfilter
Is there an easy way to specify '-s LOCAL', meaning
not 127.0.0.1, but meaning that address matches any of
addresses of interfaces belonging this this machine ?
Yakov
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: -s THIS ? (address belongs to one of of interfaces of local machine)
2007-02-21 12:08 -s THIS ? (address belongs to one of of interfaces of local machine) ? Yakov Lerner
@ 2007-02-21 19:39 ` Jim Laurino
2007-02-22 12:25 ` -s THIS ? (address belongs to one of of interfaces of local machine) ? Cedric Blancher
1 sibling, 0 replies; 3+ messages in thread
From: Jim Laurino @ 2007-02-21 19:39 UTC (permalink / raw)
To: netfilter
On 2007.02.21 07:08, Yakov Lerner - iler.ml@gmail.com wrote:
> Is there an easy way to specify '-s LOCAL', meaning
> not 127.0.0.1, but meaning that address matches any of
> addresses of interfaces belonging this this machine ?
In the filter table this distinction is implicit
in the choice of the Input/Output or Forward chains.
So 'Local' packets do not normally traverse Forward.
Is that enough?
--
Jim Laurino
nfcan.x.jimlaur@dfgh.net
Please reply to the list.
Only mail from the listserver reaches this address.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: -s THIS ? (address belongs to one of of interfaces of local machine) ?
2007-02-21 12:08 -s THIS ? (address belongs to one of of interfaces of local machine) ? Yakov Lerner
2007-02-21 19:39 ` -s THIS ? (address belongs to one of of interfaces of local machine) Jim Laurino
@ 2007-02-22 12:25 ` Cedric Blancher
1 sibling, 0 replies; 3+ messages in thread
From: Cedric Blancher @ 2007-02-22 12:25 UTC (permalink / raw)
To: Yakov Lerner; +Cc: netfilter
Le mercredi 21 février 2007 à 07:08 -0500, Yakov Lerner a écrit :
> Is there an easy way to specify '-s LOCAL', meaning
> not 127.0.0.1, but meaning that address matches any of
> addresses of interfaces belonging this this machine ?
All locally generated packets cna be filtered in OUTPUT chain, nowhere
else. That's a pretty convenient way to spot them. The same idea goes to
packets destined to local addresses, that end in INPUT chain, nowhere
else.
--
http://sid.rstack.org/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
>> Hi! I'm your friendly neighbourhood signature virus.
>> Copy me to your signature file and help me spread!
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2007-02-22 12:25 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-02-21 12:08 -s THIS ? (address belongs to one of of interfaces of local machine) ? Yakov Lerner
2007-02-21 19:39 ` -s THIS ? (address belongs to one of of interfaces of local machine) Jim Laurino
2007-02-22 12:25 ` -s THIS ? (address belongs to one of of interfaces of local machine) ? Cedric Blancher
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.