iptables allows specification of interfaces like "vnet+" which means any interface who's name starts with vnet. This is of use for me when running Linux (libvirt) virtual machines with bridging interfaces, each VM has an associated vnet0, vnet1, ... etc interface in the bridge. Naming of the vnet interfaces is done dynamically, so rules for specific interfaces are impossible, but rules for all vnet+ interfaces might be useful.
Specifying vnet+ as a bridge interface is accepted by fwbuilder, and correct rules are generated. But this doesn't mean it's actually supported, and maybe it shouldn't? Would be convenient for me though.
Log in to post a comment.