Re: [iptables] Effect of negating multiple source or dest IPs (-s or -d)

> What's the effect of this rule on a multihomed box
> (the IPs below are just some examples, not real):
>
>    iptables -A INPUT ! -d 1.2.3.4,2.3.4.5 -p all -j DROP
>

The newest version of iptables says:

iptables v1.4.12.1: ! not allowed with multiple source or destination IP
addresses

As it will be transformed into two rules anyway, I'd recommend
directly writing n rules for that.

Simon
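
Added example, not part of the original message: a small first-match model showing what one negated rule per address does to the question's two example addresses, next to a dedicated chain that drops only packets addressed to neither. The chain name LOCAL_DST, the ACCEPT policy on INPUT, exact host-address matching and the third test address are assumptions.

```shell
#!/bin/sh
# Added example. Models first-match evaluation for exact host addresses only;
# the chain name LOCAL_DST and the ACCEPT policy on INPUT are assumptions.

# Verdict when the negation is written as one rule per address:
#   iptables -A INPUT ! -d ADDR -j DROP
naive_verdict() {
    dst=$1; shift
    for addr in "$@"; do
        # "! -d ADDR" matches every packet whose destination is not ADDR
        if [ "$dst" != "$addr" ]; then echo DROP; return 0; fi
    done
    echo ACCEPT   # no rule matched: falls through to the assumed policy
}

# Verdict for a dedicated chain: RETURN per allowed address, then DROP.
chain_verdict() {
    dst=$1; shift
    for addr in "$@"; do
        # "-d ADDR -j RETURN" hands the packet back to INPUT
        if [ "$dst" = "$addr" ]; then echo ACCEPT; return 0; fi
    done
    echo DROP     # reached the trailing unconditional DROP
}

# Print the iptables commands for the chain form (printed, not executed).
emit_chain_rules() {
    chain=$1; shift
    echo "iptables -N $chain"
    for addr in "$@"; do
        echo "iptables -A $chain -d $addr -j RETURN"
    done
    echo "iptables -A $chain -j DROP"
    echo "iptables -A INPUT -j $chain"
}

# Constructed sample: the two example addresses from the question plus one other.
for dst in 1.2.3.4 2.3.4.5 9.9.9.9; do
    echo "$dst: per-address negation=$(naive_verdict "$dst" 1.2.3.4 2.3.4.5)" \
         "chain=$(chain_verdict "$dst" 1.2.3.4 2.3.4.5)"
done
emit_chain_rules LOCAL_DST 1.2.3.4 2.3.4.5
```

With two or more addresses, every destination differs from at least one of them, so the per-address negated rules drop all traffic, including traffic to the listed addresses.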
