
Re: [cobalt-users] PMFirewall and IPChains: Virtual Sites Stops Working



On Wednesday 16 January 2002 07:46 pm, Troy Arnold wrote:
> I think I found something related. Wanted everyone's advice (especially
> Gerald's).
>
> On PMFirewall's mailing list I found the following...
>
> >I have my setup running 7 virtual IPs works fine...
> >first step is to open pmfirewall.conf in an editor....
> >then find this line.
> >OUTERNET=$OUTERIP/$OUTERMASK
> >and add something like this under it...
> >OUTERNET2=204.49.12.55/255.255.255.0
> >OUTERNET3=204.49.12.56/255.255.255.0
> >OUTERNET4=204.49.12.57/255.255.255.0
> >OUTERNET5=204.49.12.58/255.255.255.0
> >Where they are your virtual IPs
> >Then save and close that and open pmfirewall.rules.local
> >then simply replicate the allow rules that you want to work with the other
> >interface and replace OUTERNET in that rule with OUTERNET2, or OUTERNET3
> >or OUTERNET4 you get the idea...
> >as you have seen deny rules are not required as they are denied by
> >default. Restart pmfirewall with ./pmfirewall restart and you are off and
> >running..
>
> Does this sound right? I swear I tested this method but I am going to give
> it another shot. I have 32 IPs I use for my virtual sites (all in a
> block)... any ideas on setting OUTERNET2 to a block of IPs instead of
> manually setting each one up? Wanted your input Gerald. What do you think?
>

I have 16 IP addresses and I use the original pmfirewall.conf script
and it works fine.
I have my /etc/rc.d/init.d/pmfirewall script print out the ip/mask when
it starts up, by putting this at the end of the 'start' portion of the
script (right after echo "done"):

     echo ""
     echo "External: $OUTERIF   $OUTERNET"

This will print something like:

     External: eth0  1.2.3.46/255.255.255.240


-- 
Gerald Waugh
Registered Linux User 255245
Register at http://counter.li.org
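
Added example, not part of the original message or of PMFirewall: a small shell helper that shows which addresses an OUTERNET-style ip/mask value covers, using the values quoted in this thread. It assumes the packet filter matches on (address AND mask), as ipchains does, and a contiguous netmask; the function names are made up for illustration.

```shell
#!/bin/sh
# Added example: which addresses does an OUTERNET-style "ip/mask" value match?
# Assumptions: the filter compares (address AND mask); the mask is contiguous;
# octets are written without leading zeros.

# ip_to_int A.B.C.D -> 32-bit integer
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1                # split the dotted quad into $1..$4
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip N -> A.B.C.D
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# net_range IP/MASK -> "first last count" of the addresses the value matches
net_range() {
    ip=$(ip_to_int "${1%/*}")
    mask=$(ip_to_int "${1#*/}")
    first=$(( ip & mask ))
    last=$(( first | (~mask & 4294967295) ))
    echo "$(int_to_ip "$first") $(int_to_ip "$last") $(( last - first + 1 ))"
}

# covers IP/MASK ADDR -> exit status 0 if ADDR is matched by IP/MASK
covers() {
    mask=$(ip_to_int "${1#*/}")
    [ $(( $(ip_to_int "${1%/*}") & mask )) -eq $(( $(ip_to_int "$2") & mask )) ]
}

# Values taken from the thread above.
for net in 1.2.3.46/255.255.255.240 204.49.12.55/255.255.255.0; do
    set -- $(net_range "$net")
    echo "$net matches $1 - $2 ($3 addresses)"
done

# Is one of the quoted virtual IPs already matched by the OUTERNET2 value?
if covers 204.49.12.55/255.255.255.0 204.49.12.58; then
    echo "204.49.12.58 is already matched by 204.49.12.55/255.255.255.0"
fi
```

Running the same check against the value printed by the init script before relying on it shows whether every virtual IP falls inside the range the allow rules match, and whether the range is wider than the addresses actually in use.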