Mailinglist Archive: opensuse-security (499 mails)

< Previous Next >
RE: [suse-security] IP alias and SuSE firewall
  • From: Peer Stefan <stefan.peer@xxxxxxxx>
  • Date: Wed, 5 Jun 2002 12:53:23 +0200
  • Message-id: <3559BA35534FD511A1200002557C39B019D339@xxxxxxxxxxxxxxxxxxxxx>
> Aliases in IPTABLES and IPCHAINS do not know aliases. There's no
> ippp0:0, only ippp0. You can only distiguish by ip:
> -i ippp0 -s
> and
> -i ippp0 -s
> or something like that.
> Got no clue about SuSE firewall though, but there's no way around the
> alias limitiation.
FW_DEV_EXT="eth0 eth0:0 eth0:0:1" works (SuSEfirewall2), but SuSEfirewall2
uses IP-addresses, not interfaces - therefore it's a bit tricky with
dhcp-addresses ;-)

another funny thing is the wildcard character '+':
* "iptables -A INPUT -j ACCEPT -i 'eth0:0' -d" does not work.
* "iptables -A INPUT -j ACCEPT -i 'eth0+' -d" works for
eth0:0 but not for eth0 (if you have just one virtual interface)


< Previous Next >
This Thread
Follow Ups