Re: Per-client routing, plus masquerading -- possible?

Hi Jeremy,

On Thu, Mar 23, 2006 at 01:35:20AM -0800, Jeremy Elson told us:
> I have one more quick question: is there some way to get iptables -L
> to show full rules?  It seems that there are some aspects of the rules
> that exist but are not printed, such as the interface selected.  In
> other words:  when I type a command like:
>
>  iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

try

iptables -L -v

this will give you additional information about your rules!

> ... and then later check my work with iptables -t nat -L, it doesn't
> show "tap0" anywhere.   I actually mistyped this as "eth" (without the
> 0) -- the original iptables command did not give me an error
> (non-existent interface!), and the -L command didn't show me the error
> :-(.

I don't think iptables checks if the interface exists at rule
insertion time. Which makes sense in my opinion, so you can add
rules e.g. for device ppp0 (or even all devices beginning with 'ppp'
as expressed by 'ppp+') before the specific device has been created.

hope that helps!!


have a nice day :-)

Sven

--
Linux zion.homelinux.com 2.6.16-rc3-mm1_27 #27 Wed Feb 15 17:51:36 CET 2006 i686 athlon i386 GNU/Linux
 13:15:01 up 33 days, 17:30,  1 user,  load average: 0.18, 0.31, 0.46
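
The following is an added example, not part of the original thread: a shell check that lists interface names referenced by `-i`/`-o` in an `iptables-save` style ruleset that match no interface on the host, honouring the trailing `+` wildcard. The function names and the sample ruleset and interface list are constructed for illustration; on a live system the inputs would come from `iptables-save` and `ls /sys/class/net`.

```shell
# Added example: flag -i/-o interface names in an iptables-save style
# ruleset that match no interface present on the host.

# rule_ifaces RULES -> one referenced interface name per line, de-duplicated.
rule_ifaces() {
    printf '%s\n' "$1" | awk '
        /^-A / {
            for (i = 1; i < NF; i++)
                if ($i == "-i" || $i == "-o") print $(i + 1)
        }' | sort -u
}

# iface_exists NAME "LIST" -> 0 if NAME, or its "+" prefix wildcard, matches.
iface_exists() {
    name=$1
    for have in $2; do
        case $name in
            *+) prefix=${name%+}
                case $have in "$prefix"*) return 0 ;; esac ;;
            *)  [ "$have" = "$name" ] && return 0 ;;
        esac
    done
    return 1
}

# missing_ifaces RULES "LIST" -> space-separated names with no match.
missing_ifaces() {
    out=
    for n in $(rule_ifaces "$1"); do
        iface_exists "$n" "$2" || out="${out:+$out }$n"
    done
    printf '%s\n' "$out"
}

# Constructed sample: the thread's MASQUERADE rule, the "eth" typo, a wildcard.
SAMPLE_RULES='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
-A POSTROUTING -o eth -j MASQUERADE
-A POSTROUTING -o ppp+ -j MASQUERADE
COMMIT'
SAMPLE_IFACES='lo eth0 tap0'   # constructed; live: $(ls /sys/class/net)

missing_ifaces "$SAMPLE_RULES" "$SAMPLE_IFACES"
```

A reported wildcard such as `ppp+` may be intentional, since rules can be added before the device exists; a reported plain name such as `eth` is the more likely typo.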
