[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Ipchains an IP aliases - how to setup?



> >
> > All works OK.
> > Now i recived public adress too (213.x.x.x).
> > First i setup alias eth0:1
> > All works ok when ipchains is disabled.
> > When I enable ipchains (i use only default rules from /etc/ipmasq/rules
> > )
> > all packet are DENY.
> >
> > I found that eth0 and eth0:1 are treated as one interface eth0
> > in that scripts.
> >
> > Is possible to setup ipchains on interface with multiple aliases?
> 
> Not unless all traffic on that interface get the same rule.  Ipchains
> doesn't know about aliases.  Upgrade to iptables.

Hi,
	I was doing some tests with iptables and aliases not seems to work. 
	 Where have I do a mistake ?

	I used iproute2 to overload interface with some addr (see
NAT-advanced-howto). 
==Quickly example
#> ip addr add 192.168.100.1 dev eth0
#> ip addr list
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:40:05:e3:a7:bd brd ff:ff:ff:ff:ff:ff
    inet 172.16.100.1/16 brd 172.16.255.255 scope global eth0
    inet 192.168.100.1/32 scope global eth0
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:e0:29:12:84:57 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.1/24 brd 10.0.0.255 scope global eth1
    inet 10.0.4.1/24 brd 10.0.4.255 scope global eth1:1

after you can use postrouting and prerouting in nat table and so
 used iproute+iptables -t nat is a good idea ?

sorry for my poor english.

Benoit Lucazeau



Reply to: