Mailinglist Archive: opensuse-security (499 mails)

< Previous Next >
Re: [suse-security] IP alias and SuSE firewall
  • From: Peter van den Heuvel <peter@xxxxxxxxxxxxxxxx>
  • Date: Wed, 05 Jun 2002 12:15:15 +0200
  • Message-id: <3CFDE4B3.C0C391E1@xxxxxxxxxxxxxxxx>
> I need to configure our firwall machine for two different static IP
> addresses on the same ISDN dial-up interface.

> I did already configure the alias address for the interface and I can
> ping or connect to services from the local machine.
> But any packet coming from the internet via the dial-up line to the
> secondary IP address is rejected by the firewall (pakets to the primary
> address pass normally). I tried to configure
> FW_DEV_WORLD = "ippp0 ippp0:0"

Aliases in IPTABLES and IPCHAINS do not know aliases. There's no
ippp0:0, only ippp0. You can only distiguish by ip:
-i ippp0 -s 10.0.0.0/8
and
-i ippp0 -s 172.16.0.0/12
or something like that.

Got no clue about SuSE firewall though, but there's no way around the
alias limitiation.

Peter

< Previous Next >
References