RE: sub interface filtering

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

http://lartc.org/

-----Original Message-----
From: Qunwei Chen [mailto:chenqunwei@xxxxxxxxx] 
Sent: Friday, April 04, 2003 5:31 PM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: Re: sub interface filtering

I tried the google for "Advanced Traffic and Routing Howto" but failed 
to find it. Does anyone have the location of this document?

Thanks in advance,

Qunwei

Daniel Chemko wrote:

>The Advanced Traffic and Routing Howto had everything I needed. It can
>show you how to setup its IP settings etc.. If you want to integrate
>into IPTables, the following example shows how simply this can be
>accomplished.
>
>$ ip address list
>1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue 
>    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
>2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
>    link/ether 11:11:11:11:11:11 brd ff:ff:ff:ff:ff:ff
>    inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
>    inet 192.168.1.111/32 scope global eth0
>3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
>    link/ether 11:11:11:11:11:11 brd ff:ff:ff:ff:ff:ff
>    inet 192.168.2.1/24 brd 192.168.1.255 scope global eth1
>
>You notice that there are 2 addresses on the same interface eth0. I
want
>to forward each IP address to a separate machine on a different subnet
>in this case, so I would do the following:
>
>iptables -t nat -A PREROUTING -j DNAT --destination 192.168.1.2 --to-
>destination 192.168.2.2
>
>iptables -t nat -A PREROUTING -j DNAT --destination 192.168.1.111 --to-
>destination 192.168.2.111
>
>You could have included "-i eth0" if you really wanted to, but unless
>you have the same IP address bolted to different interfaces, I don't
see
>that mattering much. 
>
>
>-----Original Message-----
>From: Mike [mailto:mikeeo@xxxxxxx] 
>Sent: Wednesday, April 02, 2003 12:34 PM
>To: Daniel Chemko; netfilter@xxxxxxxxxxxxxxxxxxx
>Subject: Re: sub interface filtering
>
>I hate to ask but do you have and example of using iproute2 for IP
>address aliases?
>
>Thanks,
>Mike
>
>
>  
>
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux