more iptables nitpicking

more iptables nitpicking

[Robert P. J. Day]

  putting together a tutorial on this stuff has made me really
read the docs closely, so another couple of nits to pick:

1) the man page opens with a list of options, including 
   iptables -[ADC] ...

   what's with the "-C"?  i know of no such option, and
   "iptables -h" doesn't mention it.

2) the man page also mentions the state match 

   -m pkttype --pkt-type ...

   was it deliberate to spell "pkttype" in two subtly different
   ways here?  that seems just a recipe for confusion.

rday

Re: more iptables nitpicking

[Jörg Schütter]

Hallo Robert,

On Wed, 29 Oct 2003 14:46:06 -0500 (EST)
"Robert P. J. Day" <rpjday@mindspring.com> wrote:

> 
>   putting together a tutorial on this stuff has made me really
> read the docs closely, so another couple of nits to pick:
> 
> 1) the man page opens with a list of options, including 
>    iptables -[ADC] ...
> 
>    what's with the "-C"?  i know of no such option, and
>    "iptables -h" doesn't mention it.

what version of iptables you are running? The verion on my firewall
(v1.2.6a) has the flag -C
"--check   -C chain            Test this packet on chain"
but it isn't implemented:
# iptables -C INPUT -s 192.168.7.33 -d 173.99.1.21 -p tcp -i eth0
"iptables: Will be implemented real soon.  I promise ;)"

Gruß
  Jörg

-- 
Jörg Schütter           http://www.lug-untermain.de/
joerg@schuetter.org     http://www.schuetter.org/joerg/
ICQ: 298982789          http://mypenguin.bei.t-online.de/