[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netfilter
Subject:    Re: Double stack IPv4&&IPv6 for a firewall
From:       Amos Jeffries <squid3 () treenet ! co ! nz>
Date:       2012-08-28 12:21:48
Message-ID: 503CB7DC.0 () treenet ! co ! nz
[Download RAW message or body]

On 29/08/2012 12:08 a.m., Arturo Borrero wrote:
> On 28/08/12 13:45, Amos Jeffries wrote:
>> I use a wrapper generator called "ferm". It generates the 
>> iptables/ip6tables once with a lot of flexibility, then uses 
>> iptables-save/restore to operate the system.
>
> Reading `ferm' documentation, it seems that the original issue is 
> still latent:
>
> domain [ip|ip6]
>
> You have yo choose one of the two keywords, what forces you to write 
> the firewall twice.
>
> Or i'm wrong?
>

If you wish you can write "domain (ip ip6) { .. } ". which expands the 
.. rules list for both.

AYJ
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[prev in list] [next in list] [prev in thread] [next in thread]