
Firewall rules with multiple IPs - Part II



We've established that this works for *two* IPs on *one* interface:

for IP in 111.222.333.444 111.222.333.445 ; do
        ipchains -A input -i eth0 -p tcp -d $IP 80 -j ACCEPT
        ipchains -A output -i eth0 -p tcp ! -y -s $IP 80 -j ACCEPT
done

However, the reality is that:

111.222.333.444  -->  eth0
111.222.333.445  -->  eth0:0

May I trouble you all with helping me figure this out? I think something like this...

for i in 1 2 ; do
        # pick the address and interface name for this pass
        case $i in
        1)
                IP=111.222.333.444
                ETH="eth0"
                ;;
        2)
                IP=111.222.333.445
                ETH="eth0:0"
                ;;
        esac

        # ETH is assigned above but not used here; both rules name eth0
        ipchains -A input -i eth0 -p tcp -d $IP 80 -j ACCEPT
        ipchains -A output -i eth0 -p tcp ! -y -s $IP 80 -j ACCEPT
done

Does this make sense? Am I reinventing the wheel somewhere here?

Sorry to ask basic questions, but I need to move my network quickly and I'm having some trouble learning all this as quickly as I need it.

Thanks!


-- Rodolfo J. Paiz rpaiz indahaus com




