RE: [vserver] using vserver eth-aliases in iptables

About this list Date view Thread view Subject view Author view Attachment view

From: John Lyons (support_at_nsnoc.com)
Date: Tue May 28 2002 - 09:41:02 EDT


> To do this, I added a new interface called eth0:web (my
> vserver name is
> web) and then when it adds the rules for it, iptables won't
> accept an -i
> eth0:web interface :-(
>
> Do you have any ideas if this is something that can be easily fixed?

This is the script I use for my firewall accounting.

IPTABLES="/sbin/iptables"
EXTERNAL_INTERFACE="eth0"
SUBNET1="1.2.3"
FIRST1=10
LAST1=50

I=$FIRST1;

while [ $I -le $LAST1 ]; do
    $IPTABLES -A INPUT -i $EXTERNAL_INTERFACE -d $SUBNET1.$I -j ACCEPT
    $IPTABLES -A OUTPUT -o $EXTERNAL_INTERFACE -s $SUBNET1.$I -j ACCEPT

    let I=$I+1;
done;

Regards

John Lyons
DomainCity
http://www.domaincity.co.uk
support_at_domaincity.co.uk
ICQ 74187012

***********************************************************************
Please quote your account number in the subject line of all emails.
Failure to do so may result in your enquiries taking longer to process.
***********************************************************************


About this list Date view Thread view Subject view Author view Attachment view

This archive was generated by hypermail 2.1.4 : Mon Aug 19 2002 - 12:01:01 EDT