On 11/09/2013 12:47 PM, Bill.M wrote: > But is there anyway to specify both eth0 and wlan0 as equally valid > interfaces on my laptop depending on whether it's in my dock or on the road? > > For example, -i wlan0,eth0 or -o wlan0,eth0 > Is something like these possible?
* You can avoid specifying any interface at all, so long as you don't mind the rule being applied to the loopback interface as well. Chances are very good that this will work for you and is the best solution, but you need to evaluate the rules in question. * You can use a '+' at the end of the interface name which acts as a wildcard. This won't help since your interfaces names differ in the first character, not the last, but you can easily customize their names to differ in their suffix rather than prefix by editing: /etc/udev/rules.d/70-persistent-net.rules * You can create a new chain, have packets from either interface jump to it via two rules, then put the rest of your rules in that chain, without specifying an interface name. e.g. (untested): iptables -t filter -N foo iptables -t filter -A INPUT -i eth0 -j foo iptables -t filter -A INPUT -i wlan0 -j foo iptables -t filter -A foo --src 1.2.3.4 -j DROP iptables -t filter -A foo -p tcp --dport 80 -j DROP ... -- David -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/527e99f5.8070...@meta-dynamic.com