So I have a server hosted at Serverbeach (Debian Etch). This box has an IP (eth0) in one subnet (192.168.0.2 netmask 255.255.255.128). I have also been granted 3 extra IPs (eth0:0, eth0:1, eth0:2) in another subnet (192.168.1.2 through 192.168.1.4 netmask 255.255.255.0). I have read through the Aliased IP docs, but still can't seem to get it to work. My goal is to have EACH of the IPs be able to be able controlled (e.g. I would like each IP to have its own zone). Here is what I have setup:
zones: fw firewall net0 ipv4 net1 ipv4 net2 ipv4 net3 ipv4 interfaces: - eth0 192.168.0.128,192.168.1.255 norfc1918,routefilter,dhcp,tcpflags,logmartians,nosmurfs (NOTE: I tried without any options) hosts: net0 eth0:192.168.0.2 net1 eth0:192.168.1.2 net2 eth0:192.168.1.3 net3 eth0:192.168.1.4 policy: $FW net0 ACCEPT net0 $FW ACCEPT net0 all ACCEPT $FW net1 ACCEPT net1 $FW ACCEPT net1 all ACCEPT $FW net2 ACCEPT net2 $FW ACCEPT net2 all ACCEPT $FW net3 ACCEPT net3 $FW ACCEPT net3 all ACCEPT all all REJECT info There are no rules set since the policy is set to ACCEPT for all for testing purposes. If I startup shorewall with (safe-start and this config) my server drops off the earth for 60 seconds. Does anyone see anything wrong with this config? Thanks in advance. Let me know if you need any other info, but everything else on the box shorewall related is default config (basically empty). -Eric ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
