[Firewall] Multiple (aliased) external IPs on one interface?
lists at lonnie.abelbeck.com
Mon Jun 10 18:55:00 CEST 2013
iptables cannot handle alias labels such as eth0:0; instead, you can use the associated IP address, for example:
ip addr add 220.127.116.11/32 dev eth0 label eth0:1
ip addr add 18.104.22.168/32 dev eth0 label eth0:2
Then prefix the AIF rule with "22.214.171.124#" or "126.96.36.199#" for NAT_FORWARD_TCP and such, for example:
On Jun 10, 2013, at 10:41 AM, Rich wrote:
> I have a server with multiple IP addresses for the one interface (so I can run separate ssl services on 443).
> The IPs were set up with the (Debian) ip command:
> ip addr add 188.8.131.52/24 dev eth0 label eth0:0
> When I enter eth0:0 as an external interface in the firewall config, it says "eth0:0 does not exist (yet?)" on restarting the firewall, which I think means it's not working.
> Can Arno-Iptables-Firewall handle this scenario? (and then, is it possible to open different ports on the different interfaces?)
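The reply's point, that a rule has to match the alias's IP address rather than its label, as an added example that is not part of the original thread and is plain iptables, not Arno-Iptables-Firewall configuration syntax. It resolves a label to its address from `ip -o -4 addr show` output and prints a rule that matches the physical interface plus that address. The function names, the sample addresses (documentation range) and the one-line output layout are assumptions.

```shell
#!/bin/sh
# Constructed sample of `ip -o -4 addr show dev eth0` output.
sample_addrs() {
cat <<'EOF'
2: eth0    inet 192.0.2.10/24 brd 192.0.2.255 scope global eth0\       valid_lft forever preferred_lft forever
2: eth0    inet 192.0.2.11/32 scope global eth0:1\       valid_lft forever preferred_lft forever
2: eth0    inet 192.0.2.12/32 scope global eth0:2\       valid_lft forever preferred_lft forever
EOF
}

# label_to_ip LABEL
# Reads one-line `ip` output on stdin and prints the address (without the
# prefix length) that carries LABEL. Exit status 1 if no address has it.
label_to_ip() {
    awk -v want="$1" '
        {
            # The label is the field that ends with the record-separating "\".
            for (i = 5; i <= NF; i++) {
                if ($i ~ /\\$/) {
                    label = $i
                    sub(/\\$/, "", label)
                    if (label == want) {
                        split($4, a, "/")
                        print a[1]
                        found = 1
                        exit
                    }
                }
            }
        }
        END { exit found ? 0 : 1 }
    '
}

# accept_rule LABEL PORT
# Prints (does not execute) an iptables rule for the alias: the match is on
# the physical interface (-i eth0) and the alias address (-d), never on the label.
accept_rule() {
    base=${1%%:*}
    ip=$(label_to_ip "$1") || { echo "no address with label $1" >&2; return 1; }
    printf 'iptables -A INPUT -i %s -d %s -p tcp --dport %s -j ACCEPT\n' "$base" "$ip" "$2"
}

# Demo on the constructed sample; on a live host feed it
# `ip -o -4 addr show dev eth0` instead of sample_addrs.
sample_addrs | accept_rule eth0:1 443
```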