[TriLUG] iptables with more than 2 nics

Turnpike Man turnpike420 at yahoo.com
Mon May 3 10:31:37 EDT 2004


I'm no expert here, and my following example does not include more than 2 nics,
however, based on what you say and what I understand, using -i should be
working.  In the following example, note the INET_IFACE value and then further
down its usage in the $IPTABLES rules.  This is an old style manual iptables
script I recently quit utilizing... going to shorewall per persuasion of a few
TriLUG members (no OBSD and pf for me).

http://www.turnpike420.net/linux2/IPTables/iptables_for_corporate.txt

hth (if only slightly)
David M.

--- Ryan Leathers <ryan.leathers at globalknowledge.com> wrote:
> Im interested in setting up iptables on a host with several nics.  I
> thought this would be a snap but its got me stumped.  Now I must admit
> that I have a lot more experience with hardware firewalls (Cisco PIX)
> than with IPTABLES, and part of my problem may be that Im trying to see
> IPTABLES conform in some way to my tainted expectations.
> 
> In short, I want to assign rules on a per interface basis.  I want to
> masq between eth0 and eth1 as well as between eth0 and eth2.  I want
> eth1 to permit certain traffic and eth2 to permit a different set of
> traffic.  Simply plugging in "-i eth1" isn't getting me where I thought
> it would.
> 
> I have set up a number of IPTABLES instances where one or two nics were
> used, but can't find any examples of multi-nic iptables.  Can anyone
> point me to good examples?    
>  
> 
> -- 
> Ryan Leathers <ryan.leathers at globalknowledge.com>
> Global Knowledge
> 
> -- 
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc



	
		
__________________________________
Do you Yahoo!?
Win a $20,000 Career Makeover at Yahoo! HotJobs  
http://hotjobs.sweepstakes.yahoo.com/careermakeover 



More information about the TriLUG mailing list