On 2009/06/06 05:04, Simon Kjikàqawej Côté <simon.ra...@gmail.com> wrote:
> ferm:
> chain ftp_whitelist {
> saddr ($WL_HOSTS) mod recent remove name FTP rsource ACCEPT;
> }
>
> iptables-save:
> -A ftp_whitelist --source ::1/128 --match recent --remove --name FTP
> --rsource --jump ACCEPT
> -A ftp_whitelist --source 192.168.1.1/24 --match recent --remove --name FTP
> --rsource --jump ACCEPT
> -A ftp_whitelist --source fe80::208:c7ff:febb:7df8/64 --match recent --remove
> --name FTP --rsource --jump ACCEPT
>
> Why would it insert that?
You forgot to paste the definition of $WL_HOSTS. Probably it contains
these three addresses, two of them IPv6 and one IPv4. ferm does not
evaluate or care about the nature of these values, it just forwards
your input to iptables(-restore), and it won't sort out address
families which are not valid in the current domain.
> Maybe I'm reading into your question too much, be it seemed to me you
> took it personally that I filed a bug on this. It isn't ;).
No. I'm just trying to analyze your problem.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
