bugzilla-daemon@bugzilla.netfilter.org
2006-Aug-29 15:45 UTC
[Bug 507] tun99 don't trapped by tun+
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=507 kaber@trash.net changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From kaber@trash.net 2006-08-29 15:45 MET ------- Thats expected, "+" matches only a single character, so you need to use "tun++". -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon@bugzilla.netfilter.org
2006-Aug-29 15:45 UTC
[Bug 507] tun99 don't trapped by tun+
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=507 kaber@trash.net changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From kaber@trash.net 2006-08-29 15:45 MET ------- Thats expected, "+" matches only a single character, so you need to use "tun++". -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You reported the bug, or are watching the reporter.
bugzilla-daemon@bugzilla.netfilter.org
2006-Aug-29 15:59 UTC
[Bug 507] tun99 don't trapped by tun+
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=507 ------- Additional Comments From fguiliani@perinfo.com 2006-08-29 15:59 MET ------- (In reply to comment #1)> Thats expected, "+" matches only a single character, so you need to use "tun++". >So let me suggest a change to the man page of iptables who actually is: -i, --in-interface [!] name If the interface name ends in a "+", then any interface which begins with this name will match. and the --help option of iptables: --in-interface -i [!] input name[+] network interface name ([+] for wildcard) it does not mention that "+" is for only one char. -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon@bugzilla.netfilter.org
2006-Aug-29 16:03 UTC
[Bug 507] tun99 don't trapped by tun+
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=507 kaber@trash.net changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|INVALID | ------- Additional Comments From kaber@trash.net 2006-08-29 16:03 MET ------- Hmm actually you may be right, the code seems to attempt to let a trailing + match anything. Let me look into this again .. -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon@bugzilla.netfilter.org
2006-Aug-29 16:03 UTC
[Bug 507] tun99 don't trapped by tun+
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=507 kaber@trash.net changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|INVALID | ------- Additional Comments From kaber@trash.net 2006-08-29 16:03 MET ------- Hmm actually you may be right, the code seems to attempt to let a trailing + match anything. Let me look into this again .. -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You reported the bug, or are watching the reporter.
bugzilla-daemon@bugzilla.netfilter.org
2006-Aug-29 16:17 UTC
[Bug 507] tun99 don't trapped by tun+
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=507 ------- Additional Comments From kaber@trash.net 2006-08-29 16:17 MET ------- Tested locally and it works perfectly fine with dummy renamed to tun99. There haven't been any changes in this code (neither kernel nor userspace) for ages, so I guess your ruleset allows these packet to return from the tun_fwd chain and thats the reason why you seem them afterwards. -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon@bugzilla.netfilter.org
2006-Aug-29 16:17 UTC
[Bug 507] tun99 don't trapped by tun+
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=507 ------- Additional Comments From kaber@trash.net 2006-08-29 16:17 MET ------- Tested locally and it works perfectly fine with dummy renamed to tun99. There haven't been any changes in this code (neither kernel nor userspace) for ages, so I guess your ruleset allows these packet to return from the tun_fwd chain and thats the reason why you seem them afterwards. -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You reported the bug, or are watching the reporter.
bugzilla-daemon@bugzilla.netfilter.org
2006-Aug-29 17:40 UTC
[Bug 507] tun99 don't trapped by tun+
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=507 fguiliani@perinfo.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution| |INVALID ------- Additional Comments From fguiliani@perinfo.com 2006-08-29 17:40 MET ------- (In reply to comment #4)> Tested locally and it works perfectly fine with dummy renamed to tun99. There > haven't been any changes in this code (neither kernel nor userspace) for ages, > so I guess your ruleset allows these packet to return from the tun_fwd chain and > thats the reason why you seem them afterwards.Thanks, I will go next to Shorewall bugreport then ;) -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Maybe Matching Threads
- [Bug 507] New: tun99 don't trapped by tun+
- CTI (Computer-Telephony Integration) with Asterisk ?
- [Bug 552] Strange DNAT behaviour... packet don't pass to PREROUTING and go directly in INPUT !!
- Bug? wildcard interfaces not accepted in fwd chain
- [Bug 511] Premature ip_conntrack timer expiry on 3+ window size advertisements