* Bad Argument `lo'
@ 2012-10-03 20:16 Markus Feldmann
0 siblings, 0 replies; 3+ messages in thread
From: Markus Feldmann @ 2012-10-03 20:16 UTC (permalink / raw)
To: netfilter
Hi All,
i using iptables (version 1.4.14) on a LMDE(Debian like) with kernel
3.5.3. Some days before i watched my logs after several weeks again. :-)
And i spotted the error message:
Bad argument `lo'
So i searched at google to get a solution and i got one. Some user told
to put the <lo> into ticks, like this
'!lo'
My iptables-rules regarding on this problem were looking so,
...
iptables -A INPUT -i ! lo -s 127.0.0.1 -j DROP
...
and i changed this line to,
...
iptables -A INPUT -i '!lo' -s 127.0.0.1 -j DROP
...
Now i am not sure, if this works correctly. <iptables -L> shows me the
device "!lo",
######################################################################
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 LOG all -- !lo any localhost
anywhere limit: avg 3/sec burst 5 LOG level warning prefix
"Loopback gespooft: "
0 0 DROP all -- !lo any localhost
anywhere
######################################################################
but i am not sure if this works correctly. Does somebody knows if this
trick works correctly?
regards Markus
^ permalink raw reply [flat|nested] 3+ messages in thread
* Bad Argument `lo'
@ 2012-10-04 19:14 Markus Feldmann
2012-10-04 19:23 ` Eric Leblond
0 siblings, 1 reply; 3+ messages in thread
From: Markus Feldmann @ 2012-10-04 19:14 UTC (permalink / raw)
To: netfilter
Hi All,
i using iptables (version 1.4.14) on a LMDE(Debian like) with kernel
3.5.3. Some days before i watched my logs after several weeks again. :-)
And i spotted the error message:
Bad argument `lo'
So i searched at google to get a solution and i got one. Some user told
to put the <lo> into ticks, like this
'!lo'
My iptables-rules regarding on this problem were looking so,
...
iptables -A INPUT -i ! lo -s 127.0.0.1 -j DROP
...
and i changed this line to,
...
iptables -A INPUT -i '!lo' -s 127.0.0.1 -j DROP
...
Now i am not sure, if this works correctly. <iptables -L> shows me the
device "!lo",
######################################################################
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 LOG all -- !lo any localhost anywhere
limit: avg 3/sec burst 5 LOG level warning prefix "Loopback
gespooft: "
0 0 DROP all -- !lo any localhost anywhere
######################################################################
but i am not sure if this works correctly. Does somebody knows if this
trick works correctly?
regards Markus
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Bad Argument `lo'
2012-10-04 19:14 Bad Argument `lo' Markus Feldmann
@ 2012-10-04 19:23 ` Eric Leblond
0 siblings, 0 replies; 3+ messages in thread
From: Eric Leblond @ 2012-10-04 19:23 UTC (permalink / raw)
To: Markus Feldmann; +Cc: netfilter
[-- Attachment #1: Type: text/plain, Size: 1841 bytes --]
Hi,
Le jeudi 04 octobre 2012 à 21:14 +0200, Markus Feldmann a écrit :
> Hi All,
>
> i using iptables (version 1.4.14) on a LMDE(Debian like) with kernel
> 3.5.3. Some days before i watched my logs after several weeks again. :-)
> And i spotted the error message:
>
> Bad argument `lo'
>
> So i searched at google to get a solution and i got one. Some user told
> to put the <lo> into ticks, like this
>
> '!lo'
Nope the solution is given in the man page:
[!] -i, --in-interface name
So you need
iptables -A INPUT ! -i lo -s 127.0.0.1 -j DROP
BR,
>
> My iptables-rules regarding on this problem were looking so,
>
> ...
> iptables -A INPUT -i ! lo -s 127.0.0.1 -j DROP
> ...
>
> and i changed this line to,
>
> ...
> iptables -A INPUT -i '!lo' -s 127.0.0.1 -j DROP
> ...
>
> Now i am not sure, if this works correctly. <iptables -L> shows me the
> device "!lo",
>
> ######################################################################
> Chain INPUT (policy DROP 0 packets, 0 bytes)
> pkts bytes target prot opt in out source destination
> 0 0 LOG all -- !lo any localhost anywhere
> limit: avg 3/sec burst 5 LOG level warning prefix "Loopback
> gespooft: "
> 0 0 DROP all -- !lo any localhost anywhere
> ######################################################################
>
> but i am not sure if this works correctly. Does somebody knows if this
> trick works correctly?
>
> regards Markus
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Eric Leblond
Blog: http://home.regit.org/ - Portfolio: http://regit.500px.com/
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2012-10-04 19:23 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-10-04 19:14 Bad Argument `lo' Markus Feldmann
2012-10-04 19:23 ` Eric Leblond
-- strict thread matches above, loose matches on Subject: below --
2012-10-03 20:16 Markus Feldmann
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.