Re: again problem with alias / virtual interface

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Batstru wrote:
Hi all!
I wrote days ago: I have a problem with virutal interface and iptables:
my pc has 2 network interface, one with a private network address and the
other one with

[snip]

-A INPUT -p tcp -m tcp -m state -i eth1:1 -d 82.186.92.91 --dport 25 --state
NEW -j ACCEPT

And here is the error.

As me (and I believe Antony, possibly others) already told you, Netfilter does not know about virtual interfaces. Virtual interfaces are abstractions that exist in higher levels of kernel than Netfilter is. Netfilter is concerned only on which *physical* interface the packet is. Replace "-i eth1:1" with "-i eth1" in above rule (and same for all other virtual interfaces you have) and you'll be fine:

-A INPUT -p tcp -m tcp -m state -i eth1 -d 82.186.92.91 --dport 25 --state NEW -j ACCEPT

--
Aleksandar Milivojevic <amilivojevic@xxxxxx>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux