[capirca-dev] iptables interface "-i" option, need verbatim?
33 views
Skip to first unread message
Kristian Erik Hermansen
Apr 25, 2010, 8:28:31 PM4/25/10
to capir...@googlegroups.com
Hello,
In order to get capirca to render something like
-A INPUT -i lo -j ACCEPT
for iptables to allow any traffic on the loopback interface, is it
necessary to use the verbatim option? And if so, I was unable to
determine the proper usage. Thoughts? Thanks in advance.
Regards,
--
Kristian Erik Hermansen
--
Subscription settings: http://groups.google.com/group/capirca-dev/subscribe?hl=en
In order to get capirca to render something like
-A INPUT -i lo -j ACCEPT
for iptables to allow any traffic on the loopback interface, is it
necessary to use the verbatim option? And if so, I was unable to
determine the proper usage. Thoughts? Thanks in advance.
Regards,
--
Kristian Erik Hermansen
--
Subscription settings: http://groups.google.com/group/capirca-dev/subscribe?hl=en
Tony Watson
Apr 26, 2010, 9:40:43 AM4/26/10
to capir...@googlegroups.com
Capirca doesn't have support for interface specific rules at this point. As you noted, verbatim was added for special cases like these.
The verbatim:: line should look like the following:
term base-allow-lo0 {
comment:: "Allow all loopback communications"
verbatim:: iptables "-A INPUT -i lo -j ACCEPT"
Reply all
Reply to author
Forward
0 new messages