Hi all,

I have a firewall with two interfaces on the same ethernet. I'm wondering if I
can filter by "virtual/alias" interfaces?

For example, let's say I have 2 "real" interfaces and a "virtual":

(Network A) <--> eth0 + eth0:1 (Firewall) eth1 <--> (Network B)

Say for example:

eth0 = 10.0.0.253/24
eth0:1 = 10.0.0.254/24

Devices/systems in Network A may have either 10.0.0.253 or 10.0.0.254 as their
default gateway when communicating with Network B.

Which of the following would be correct?

Scenario 1:
iptables -A FORWARD -i eth0 -o eth1 -s <network A> -d <network B> -j ACCEPT
iptables -A FORWARD -i eth0:1 -o eth1 -s <network A> -d <network B> -j ACCEPT

Scenario 2:
iptables -A FORWARD -i eth0 -o eth1 -s <network A> -d <network B> -j ACCEPT

Thanks for any help,
D.
