5 Jun
2002
5 Jun
'02
10:53
hi
Aliases in IPTABLES and IPCHAINS do not know aliases. There's no ippp0:0, only ippp0. You can only distiguish by ip: -i ippp0 -s 10.0.0.0/8 and -i ippp0 -s 172.16.0.0/12 or something like that.
Got no clue about SuSE firewall though, but there's no way around the alias limitiation. FW_DEV_EXT="eth0 eth0:0 eth0:0:1" works (SuSEfirewall2), but SuSEfirewall2 uses IP-addresses, not interfaces - therefore it's a bit tricky with dhcp-addresses ;-)
another funny thing is the wildcard character '+': * "iptables -A INPUT -j ACCEPT -i 'eth0:0' -d 10.100.4.216" does not work. * "iptables -A INPUT -j ACCEPT -i 'eth0+' -d 10.100.4.216" works for eth0:0 but not for eth0 (if you have just one virtual interface) regards, stefan