Re: [PATCH 3/3] libxtables: avoid returning duplicate address for host resolution

On Wednesday 2017-03-08 17:45, Pablo Neira Ayuso wrote:

>On Wed, Mar 08, 2017 at 05:26:58PM +0100, Jan Engelhardt wrote:
>> A long-standing problem has been that `iptables -s any_host_here`
>> could yield multiple rules with the same address if the DNS was
>> indeed so populated.
>
>When did anyone report this problem out of the localhost case?

It's been a long time. I think the issue was actually that one can 
specify multiple host names, and if those hostnames happen to resolve to 
the same address in the end, iptables would emit two rules of which one 
is essentially redundant.

  iptables -A INPUT -s www2.company.com,www3.company.com
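The redundancy described in this message, as an added example that is not part of the original mail and is not libxtables code. A constructed lookup table stands in for DNS (the 192.0.2.x addresses and the names `fake_dns`, `add_addr` and `expand_hosts` are assumptions), and `expand_hosts` yields one address per rule, with or without duplicate suppression.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for DNS so the example runs offline. */
struct fake_rr { const char *host; const char *addr; };
static const struct fake_rr fake_dns[] = {
    { "www2.company.com", "192.0.2.10" },
    { "www3.company.com", "192.0.2.10" },   /* same address as www2 */
    { "www3.company.com", "192.0.2.11" },
};

/* Append addr to out[] unless dedup is set and it is already present. */
static size_t add_addr(struct in_addr *out, size_t n, size_t cap,
                       struct in_addr addr, int dedup)
{
    for (size_t i = 0; dedup && i < n; i++)
        if (out[i].s_addr == addr.s_addr)
            return n;               /* would be a redundant rule */
    if (n < cap)
        out[n++] = addr;
    return n;
}

/* Expand a comma-separated -s host list; each stored address is one rule. */
size_t expand_hosts(const char *list, struct in_addr *out, size_t cap, int dedup)
{
    char buf[256];
    size_t n = 0;
    snprintf(buf, sizeof(buf), "%s", list);   /* strtok modifies its input */
    for (char *h = strtok(buf, ","); h != NULL; h = strtok(NULL, ",")) {
        for (size_t i = 0; i < sizeof(fake_dns) / sizeof(fake_dns[0]); i++) {
            struct in_addr a;
            if (strcmp(fake_dns[i].host, h) == 0 &&
                inet_pton(AF_INET, fake_dns[i].addr, &a) == 1)
                n = add_addr(out, n, cap, a, dedup);
        }
    }
    return n;
}

int main(void)
{
    struct in_addr a[8];
    char s[INET_ADDRSTRLEN];
    size_t n = expand_hosts("www2.company.com,www3.company.com", a, 8, 1);
    for (size_t i = 0; i < n; i++)
        printf("-A INPUT -s %s/32\n", inet_ntop(AF_INET, &a[i], s, sizeof(s)));
    return 0;
}
```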


