Jim Staunton wrote:
I have several SuSE 10.3 systems which have one network card but multiple ip addresses, the additional addresses are set up as aliases through YaST. For instance on one system, eth0 is x.y.z.69, eth0:1 is x.y.z.70 and eth0:2 is x.y.z.71.
Is there any way I can allow access to specific ports/services on specific ip addresses through YaST's SuSEfirewall2 module? I'm aware that I could do this 'manually' using iptables, but I'd prefer to do it the 'SuSE way' using YaST or entries in /etc/sysconfig/SuSEfirewall2 - always assuming there is a SuSE way to do this :-)
I'm thinking of rules such as "allow ssh access to the box only on x.y.z.69", "allow a webserver to be accessed on x.y.z.70", "allow a mailserver to be accessed on "x.y.z.71".
I've not really gotten into the suse firewall, so my answer is probably not representative. I've always used my own iptables scripts, since I have linux servers running 24/7 my own lan, do my own dns/dhcp, run web and mail servers here, and also have connections to a few server to server VPNs. I'd never found a suitably capable yet easy to use firewall solution. I'd looked at suse firewall and tried several popular solutions without finding anything more compelling than my iptables scripts. But I've recently discovered that the basic linux firewall module in webmin does everything I need. It was able to import my working iptables rules as a baseline, and adding new rules is fairly self explanatory. So, my suggestion is to check out the webmin linux firewall module. You might be pleasantly surprised. Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org