Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#295 interface wildcard matching

closed
Vadim Kurland
None
5
2011-11-25
2011-11-25
Rolf Fokkens
No

iptables allows specification of interfaces like "vnet+" which means any interface who's name starts with vnet. This is of use for me when running Linux (libvirt) virtual machines with bridging interfaces, each VM has an associated vnet0, vnet1, ... etc interface in the bridge. Naming of the vnet interfaces is done dynamically, so rules for specific interfaces are impossible, but rules for all vnet+ interfaces might be useful.

Specifying vnet+ as a bridge interface is accepted by fwbuilder, and correct rules are generated. But this doesn't mean it's actually supported, and maybe it shouldn't? Would be convenient for me though.

Discussion

  • Vadim Kurland
    Vadim Kurland
    2011-11-25

    • assigned_to: nobody --> vkurland
     
  • Vadim Kurland
    Vadim Kurland
    2011-11-25

    I am not sure what you are asking. Fwbuilder supports special interface names ending with "*" or "+" (these are equivalent) and generates iptables rules matching these, just like you have discovered. What feature you are asking for ?

     
  • Rolf Fokkens
    Rolf Fokkens
    2011-11-25

    Checked again, vnet* is supported and translated to vnet+. Comments on bug 3439613 however do apply.

     
  • Vadim Kurland
    Vadim Kurland
    2011-11-25

    I still dont understand what this feature request is about. The feature you are asking for is already supported.

     
  • Rolf Fokkens
    Rolf Fokkens
    2011-11-25

    I agree it's there, as stated in my previous comment. Yet if it is supported, I think it's flawed. That's what the comments in bug 3439613 tell.

    Sorry for the confusion, this feature request can be closed.

     
  • Rolf Fokkens
    Rolf Fokkens
    2011-11-25

    Feature already there.

     
  • Rolf Fokkens
    Rolf Fokkens
    2011-11-25

    • status: open --> closed