> hi all,
> Googling, it seems that I can't use multiple eth (e.g. eth0:0) in iptables rules
> and that a rule for eth0 will also affect all additional IPs; this I
> knew.
> But if I use nessus to test the whole range of my IPs, I've no response from the eth0
> scan, but I've a lot of responses from the additional eth. Are they false
> positives? Is there something I don't know? Could anyone explain to me why this
> behavior?
>
> thanks a lot in advance

I use firehol (swup --install firehol) to set up the firewall (makes iptables
easy for me), and just put in /etc/firehol/firehol.conf (replace 1.2.3.4 and
1.2.3.5):

# eth0
interface eth0 internet0 dst 1.2.3.4
        protection strong 10/sec
        server "http ftp ICMP" accept
        server ident reject with tcp-reset
        client all accept

# eth0:1
interface eth0 internet1 dst 1.2.3.5
        protection strong 10/sec
        server "smtp" accept
        server ident reject with tcp-reset
        client all accept

http://firehol.sourceforge.net/ has docs about the use of the config file.
Maybe this helps... (maybe not)

--
Ariën Huisken
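For readers who want the same per-address policy in plain iptables rather than through firehol, here is an added example (not from the thread or from the firehol project). Since an alias such as eth0:1 is only an extra address on eth0 and cannot be named in a rule, each address gets its own policy via a destination match (-d); the interface and the two addresses 1.2.3.4 / 1.2.3.5 are taken from the reply above, and the script prints the commands by default (DRY_RUN=1) so it can be reviewed before being run as root with DRY_RUN=0.

```shell
#!/bin/sh
# Added example: per-IP iptables policy for alias addresses on one interface.
# iptables cannot match "eth0:0"; match on the destination address instead.
# DRY_RUN=1 (default) prints the commands; DRY_RUN=0 executes them (needs root).
DRY_RUN="${DRY_RUN:-1}"

ipt() {
    if [ "$DRY_RUN" = "1" ]; then
        printf 'iptables %s\n' "$*"
    else
        iptables "$@"
    fi
}

# allow_tcp IFACE ADDR "PORT PORT ...": accept the listed TCP ports to one address only
allow_tcp() {
    iface="$1"; addr="$2"; ports="$3"
    for p in $ports; do
        ipt -A INPUT -i "$iface" -d "$addr" -p tcp --dport "$p" -j ACCEPT
    done
}

# build_policy IFACE: default-drop INPUT chain with a distinct service set per address
build_policy() {
    iface="$1"
    ipt -P INPUT DROP
    ipt -A INPUT -i lo -j ACCEPT
    ipt -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # primary address (eth0): http, ftp and icmp
    ipt -A INPUT -i "$iface" -d 1.2.3.4 -p icmp -j ACCEPT
    allow_tcp "$iface" 1.2.3.4 "80 21"
    # alias address (eth0:1): smtp only; port 80 here is dropped by the policy
    allow_tcp "$iface" 1.2.3.5 "25"
}

build_policy eth0
```

Because every ACCEPT carries a -d match, a scanner hitting 1.2.3.5 on port 80 gets no answer even though the same port is open on 1.2.3.4; listing the rules with `iptables -L INPUT -n -v` after loading shows the per-address counters, which is the quickest way to confirm which address a scan actually reached.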

