Hi, Le jeudi 04 octobre 2012 à 21:14 +0200, Markus Feldmann a écrit : > Hi All, > > i using iptables (version 1.4.14) on a LMDE(Debian like) with kernel > 3.5.3. Some days before i watched my logs after several weeks again. :-) > And i spotted the error message: > > Bad argument `lo' > > So i searched at google to get a solution and i got one. Some user told > to put the <lo> into ticks, like this > > '!lo' Nope the solution is given in the man page: [!] -i, --in-interface name So you need iptables -A INPUT ! -i lo -s 127.0.0.1 -j DROP BR, > > My iptables-rules regarding on this problem were looking so, > > ... > iptables -A INPUT -i ! lo -s 127.0.0.1 -j DROP > ... > > and i changed this line to, > > ... > iptables -A INPUT -i '!lo' -s 127.0.0.1 -j DROP > ... > > Now i am not sure, if this works correctly. <iptables -L> shows me the > device "!lo", > > ###################################################################### > Chain INPUT (policy DROP 0 packets, 0 bytes) > pkts bytes target prot opt in out source destination > 0 0 LOG all -- !lo any localhost anywhere > limit: avg 3/sec burst 5 LOG level warning prefix "Loopback > gespooft: " > 0 0 DROP all -- !lo any localhost anywhere > ###################################################################### > > but i am not sure if this works correctly. Does somebody knows if this > trick works correctly? > > regards Markus > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- Eric Leblond Blog: http://home.regit.org/ - Portfolio: http://regit.500px.com/
Attachment:
signature.asc
Description: This is a digitally signed message part
