[lug] fc and iptables
Zan Lynx
zlynx at acm.org
Tue Sep 19 11:27:15 MDT 2006
On Tue, 2006-09-19 at 11:11 -0600, Ken MacFerrin wrote:
[snip]
> I'm not sure how you created your virtual interfaces but it's probably
> worth noting that iptables does not support virtual interfaces created
> using ifconfig for many operations. The preferred method is to create
> the interfaces using the "ip" tool from iproute and then provide
> "labels" such as "eth0:0". The Shorewall folks have some good info here:
> http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html
I don't believe you can support virtual interfaces of any sort, ifconfig
or "ip", in iptables. iptables has its own ways of doing the same
thing.
IP aliases are just IPs. So just use the regular interface name with a
different IP limit.
--
Zan Lynx <zlynx at acm.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20060919/080ea2b5/attachment.pgp>
More information about the LUG
mailing list