iptables is supposed to write a rule for each of a hostname's IP
addresses. iptables -A INPUT --source www.google.com gives me six
rules for the six IP addresses. Adding --source www.google.com bumps
that up to thirty-six rules.
I'm uncertain of the issue with duplicate addresses for localhost.
On Thursday 2012-10-25 17:20, Laurence J. Lane wrote:
> I'm uncertain of the issue with duplicate addresses for localhost.
> I'll ask upstream if iptables should filter out duplicates.
dunno. I have no preference in this regard.
`wget` would also seem to simply iterate over all entries.
Hint:
If you comment out ::1 localhost in /etc/hosts, the problem disappears.
I traced that behavior to host_to_ipaddr function in libxtables/xtables.c
--source hostname will match all the IP addresses of hostname.
Same thing for --destination
The problem is that gethostbyname(localhost) returns two results: 127.0.0.1
and 127.0.0.1 (yes, the same thing).
So this might
Hi libc folks,
iptables --insert --source localhost ...
is currently creating duplicate entries.
I believe this is because of a problem in gethostbyname(localhost) that
returns duplicate answers.
Attached is a tiny test case.
./main
127.0.0.1
120.0.0.1
If I comment out ::1 localhost in my
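As an added illustration (not the test case attached to the message above, and not code from libxtables), the following C program resolves a name with gethostbyname() and removes repeated IPv4 addresses before they would be turned into one rule each. The helper names dedup_addrs and copy_hostent_addrs are hypothetical, and the program accepts any hostname, not only localhost.

```c
#include <stdio.h>
#include <string.h>
#include <netdb.h>
#include <netinet/in.h>
#include <arpa/inet.h>

/* Hypothetical helper: remove repeated IPv4 addresses in place, keeping
 * first-seen order. Returns the number of unique addresses at the front. */
size_t dedup_addrs(struct in_addr *addrs, size_t n)
{
    size_t kept = 0;
    for (size_t i = 0; i < n; i++) {
        size_t j;
        for (j = 0; j < kept; j++)
            if (addrs[j].s_addr == addrs[i].s_addr)
                break;
        if (j == kept)              /* not seen before, keep it */
            addrs[kept++] = addrs[i];
    }
    return kept;
}

/* Hypothetical helper: copy up to max IPv4 addresses out of a hostent. */
size_t copy_hostent_addrs(const struct hostent *he, struct in_addr *out, size_t max)
{
    size_t n = 0;
    if (he == NULL || he->h_addrtype != AF_INET ||
        he->h_length != (int)sizeof(struct in_addr))
        return 0;
    while (n < max && he->h_addr_list[n] != NULL) {
        memcpy(&out[n], he->h_addr_list[n], sizeof(out[n]));
        n++;
    }
    return n;
}

int main(int argc, char **argv)
{
    const char *name = argc > 1 ? argv[1] : "localhost";
    struct in_addr addrs[64];
    char buf[INET_ADDRSTRLEN];
    size_t n = copy_hostent_addrs(gethostbyname(name), addrs, 64);
    size_t u = dedup_addrs(addrs, n);

    printf("%s: %zu address(es) from resolver, %zu unique\n", name, n, u);
    for (size_t i = 0; i < u; i++)
        printf("%s\n", inet_ntop(AF_INET, &addrs[i], buf, sizeof(buf)));
    return 0;
}
```

Comparing the two counts on the first output line shows whether the resolver handed back repeated entries for the name.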