On Sun, Feb 29, 2004 at 10:15:16PM +0300, Serge Druzhinin wrote:
> As I know, loopback interface also doesn't really exist. But I can match it in
> rules. dummy0 (for example) interface is not rejected by iptables as
> parameter for -i or -o, but rule never matches.

No, it is not rejected because iptables has no way of knowing what interface
name might be valid or not (nobody forces you to call your dummy interface
dummyX. This is common practice, maybe even policy, but not implementation).

> If you have some time to discuss this situation, please take a look at the
> following:

This is not a valid use of an interface. A 'dummy' interface can never be
treated as a real interface. You won't be able to attach a tc qdisc or do any
other advanced networking stuff either.

--
- Harald Welte <laforge@xxxxxxxxxxxxx> http://www.netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going on while
IP was being designed." -- Paul Vixie