Hi: I have an ebox with 2 external (eth0 and eth1) NICs and an internal one (eth2). I have two web servers on the internal net, and I was hoping to publish them using redirects on the firewall module. So I added a first redirect like this:
Iface=eth0 protocol=tcp port=80 ip=10.10.1.14 dport=80

And it works. Now I want a similar redirect:

Iface=eth1 protocol=tcp port=80 ip=10.10.1.14 dport=80

However, when I attempt to add this one, it complains, saying that port 80 is already being used on a redirect or service, and refuses to add it. I checked with netstat -natp and no service is running on tcp port 80, and the only other redirect is on a different interface, hence there should be no rule collision. Is there a bug here or is it intended behaviour? If the latter, why?

Incidentally, since both tcp and udp (L4) ports are bound to IP addresses (L3) and not to interfaces (L2), I think ebox should ask for the listening IP (say, the public IP of interface eth1) instead of the interface itself. This is especially true since I can have several IPs on the same interface.

Thanks,
--
Eduardo J. Ortega U.
