Netfilter-Devel Archive on
 help / color / Atom feed
From: Phil Sutter <>
To: Pablo Neira Ayuso <>
Subject: Re: [iptables PATCH] xtables-translate: Fix for iface++
Date: Fri, 14 Feb 2020 13:57:18 +0100
Message-ID: <> (raw)
In-Reply-To: <20200214090024.tqfubfkvnczq5bcy@salvia>

Hi Pablo,

On Fri, Feb 14, 2020 at 10:00:24AM +0100, Pablo Neira Ayuso wrote:
> On Thu, Feb 13, 2020 at 02:04:36PM +0100, Phil Sutter wrote:
> > In legacy iptables, only the last plus sign remains special, any
> > previous ones are taken literally. Therefore xtables-translate must not
> > replace all of them with asterisk but just the last one.
> Interesting corner case.

I'm merely fixing the bugs I introduced earlier - old code (prior to my
initial fix for translating '+' as interface name) did it right,
considering only the last character for wildcard substitution and
leaving any earlier '+' chars in place. :)

Cheers, Phil

      reply index

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-02-13 13:04 Phil Sutter
2020-02-14  9:00 ` Pablo Neira Ayuso
2020-02-14 12:57   ` Phil Sutter [this message]

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \ \ \ \ \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Netfilter-Devel Archive on

Archives are clonable:
	git clone --mirror netfilter-devel/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 netfilter-devel netfilter-devel/ \
	public-inbox-index netfilter-devel

Example config snippet for mirrors

Newsgroup available over NNTP:

AGPL code for this site: git clone