I needed to do the same thing but I could not, I ended up filtering by the IP address and taking the interface out all together.
----- Original Message ----- From: "Designer Seven" <[EMAIL PROTECTED]> To: "Netfilter Mailing List" <[EMAIL PROTECTED]> Sent: Wednesday, May 01, 2002 9:15 PM Subject: Can I filter on alias interfaces? > Hi all, > > I have a firewall with two interfaces on the same ethernet. I'm wondering if I > can filter by "virtual/alias" interfaces? > > For example, let's say I have 2 "real" interfaces and a "virtual": > > (Network A) <--> eth0 + eth0:1 (Firewall) eth1 <--> (Network B) > > Say for example: > > eth0 = 10.0.0.253/24 > eth0:1 = 10.0.0.254/24 > > devices/systems in Network A may have either 10.0.0.253 or 10.0.0.254 as their > default gateway when communicating to Network B. > > Which of the following would be correct? > > Scenario 1: > iptables -A FORWARD -i eth0 -o eth1 -s <network A> -d <network B> -j ACCEPT > iptables -A FORWARD -i eth0:1 -o eth1 -s <network A> -d <network B> -j ACCEPT > > Scenario 2: > iptables -A FORWARD -i eth0 -o eth1 -s <network A> -d <network B> -j ACCEPT > > Thanks for any help, > D. > > __________________________________________________ > Do You Yahoo!? > Yahoo! Health - your guide to health and wellness > http://health.yahoo.com
