[TriLUG] iptables with more than 2 nics
David Rasch
rasch at raschnet.com
Mon May 3 10:24:55 EDT 2004
Ryan,
Part of the problem is likely that only certain rules "know" on what
interface the packet entered. If you're interested, I have an existing
shorewall configuration for my firewall which has 3 nics. One internet,
one intranet, and one for my wireless network (with limited internet
access, no smtp access, and only vpn access to my intranet).
It sounds to me like you're trying to do this configuration manually,
which although educational, will become a management headache at
some point :).
Feel free to contact me off list if you're interested in a copy of my
configs.
David
On Mon, May 03, 2004 at 10:18:48AM -0400, Ryan Leathers <ryan.leathers at globalknowledge.com> wrote:
> Im interested in setting up iptables on a host with several nics. I
> thought this would be a snap but its got me stumped. Now I must admit
> that I have a lot more experience with hardware firewalls (Cisco PIX)
> than with IPTABLES, and part of my problem may be that Im trying to see
> IPTABLES conform in some way to my tainted expectations.
>
> In short, I want to assign rules on a per interface basis. I want to
> masq between eth0 and eth1 as well as between eth0 and eth2. I want
> eth1 to permit certain traffic and eth2 to permit a different set of
> traffic. Simply plugging in "-i eth1" isn't getting me where I thought
> it would.
>
> I have set up a number of IPTABLES instances where one or two nics were
> used, but can't find any examples of multi-nic iptables. Can anyone
> point me to good examples?
>
>
> --
> Ryan Leathers <ryan.leathers at globalknowledge.com>
> Global Knowledge
>
> --
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
>
More information about the TriLUG
mailing list