OT iptables question

To: debian list <debian-user@lists.debian.org>
Subject: OT iptables question
From: Glenn English <ghe@slsware.com>
Date: Sun, 04 Sep 2005 15:16:17 -0600
Message-id: <[🔎] 1125868577.20417.272.camel@snuk.slsware.lan>

I'm updating a RH ipchains packet filter script from the dim past to
iptables on Debian stable. 

I noticed that when I specified the network the host is on (by IP/mask),
the iptables listing called it "localnet." So I tried using localnet in
the rule, and iptables seems to take it, and the chain seems to work.
But I can't find any documentation about that keyword in man, in Rusty's
HTML dox, or with google (lots of talk about it, but no dox). 

Is localnet a legit iptables network specification or an undocumented
feature? What does it actually do (should I hang a CIDR mask on the end,
or would that be redundant)? If the host responds to several IPs, does
localnet cover then all? Or just eth0? How about eth0:1?

It would be very handy because this script is to set filtering on all my
DMZ and LAN hosts (by switching on their hostnames and IPs). I know I
could just try it and see if it works, but this is to be the packet
filter on the DMZ, and I'd like to do it as rigorously as I can.

TIA...

-- 
Glenn English
ghe@slsware.com
GPG ID: D0D7FF20

Reply to:

Follow-Ups:
- Re: OT iptables question
  - From: Marty <martyb@ix.netcom.com>

Prev by Date: Re: icewm window titles
Next by Date: getting ipw2100 to find its firmware at boot time?
Previous by thread: postfix / gmail
Next by thread: Re: OT iptables question
Index(es):
- Date
- Thread