[H-GEN] IPTables problem

Harry Phillips harry at tux.com.au
Mon Jul 19 05:47:15 EDT 2004


Robert Brockway wrote:
> 
> Hi Harry.  The switch -i is for an interface not an IP address, so you
> would use eth0 or eth0:0.  I'm surprised you are not getting an error on
> this.

I thought that was what I wanted but I am now getting the error you were 
after :) Looks like iptables can't handle aliases.

EXT_IF=eth0:0

Warning: weird character in interface `eth0:0' (No aliases, :, ! or *).

Using the -d switch does a job, but not the one I want, no-one gets in:

iptables -A INPUT -d $EXT_IF -s $MYIP -p tcp --syn --destination-port 22 
-j ACCEPT
iptables -A INPUT -d $EXT_IF -j DROP

-- 
Regards,
Harry Phillips




More information about the General mailing list