On Sun, 25 Dec 2005 19:38:35 -0500, you wrote:
Michael W Cocke wrote:
On Sun, 25 Dec 2005 18:21:08 -0600, you wrote:
At 12/25/05 18:14, you wrote:
As I mentioned in another note, SUSE fireall supports NICs specified in the form of eth-id-00:05:5d:fe:fc:e4. Note that this contains the NIC MAC address. It's pretty hard to get confused by specifying the exact piece of hardware. About the only time this might cause some difficulty, is when you replace the NIC. At that point, you'll have to change the MAC address specified. I can see typos, with attendant security holes occurring this way, though. On my server's motherboard are two NIC chips built in--and their MAC addresses differ only in the last character of the last character pair.
I had the same thought as Eric, in addition to the fact that I don't use the SuSE firewall - I use shorewall, which is significantly more complex to configure (It's also significantly more flexible, so don't suggest that I change).
Do know for a fact, that it won't support NIC designations such as eth-id-00:05:5d:fe:fc:e4? Changing NICs in a firewall should be a fairly rare event. Changing NICs in a server shouldn't cause a problem. Face it. The old ethx method is obsolete, so you'd better get used to the new way.
Why do people always say things like this? I don't give a hang if you don't like how I configure my NICs and I don't see why you should care. It works, end of discussion. If and when I get to a point where I feel the need to change how I do things just to make you happy, I'll let you know. Mike- -- Mornings: Evolution in action. Only the grumpy will survive. -- Please note - Due to the intense volume of spam, we have installed site-wide spam filters at catherders.com. If email from you bounces, try non-HTML, non-encoded, non-attachments.