Re: [cobalt-users] 4i and ipchians question

["Charlie Clemmer" <cclemmer@xxxxxxxxxxxxxxxxxx>]

On Wed, 22 Oct 2003 14:11:26 -0400, William Lamb wrote
> I have a couple of 4i's I am setting up and trying to put the 
> finishing touches up on them now.  I got ipchains and pmfirewall 
> running except for one little hitch. Every time I start the firewall 
> it locks the secondary nics. So the only way around it at the moment 
> is to allow all from 192.168.1.0/24.  I am not too comfortable with 
> that in my rules.  So now I am trying to figure out how to make 
> independent rule sets for each nic.  The secondary nics are just for 
> SSH and RSYNC so that's the only ports I need to have open since 
> they are connected with a cross over.   Thanks,     Aaron Lamb  

When you're scripting your ipchains rules, you can use the -i argument to 
specify what device you're referring to. In this case, if you made sure each 
rule contained "-i eth0", then your rules would be applied to just your first 
nic, and not your second interface. You could then do separate filtering on 
eth1 as necessary to lock that down to ssh and rsync if you like.

HTH,
Charlie

-- 
This message has been scanned for viruses and dangerous content by
MailScanner, and is believed to be clean.