> > -A INPUT -p tcp -m tcp -m state -i eth1:1 -d 82.186.92.91 --dport 25 --state > > NEW -j ACCEPT > > And here is the error. > > As me (and I believe Antony, possibly others) already told you, > Netfilter does not know about virtual interfaces. Virtual interfaces > are abstractions that exist in higher levels of kernel than Netfilter > is. Netfilter is concerned only on which *physical* interface the > packet is. Replace "-i eth1:1" with "-i eth1" in above rule (and same > for all other virtual interfaces you have) and you'll be fine: > > -A INPUT -p tcp -m tcp -m state -i eth1 -d 82.186.92.91 --dport 25 > --state NEW -j ACCEPT I've tried with just eth1 but the rule is not applied, or it seems not to be applied I've seen that using virtual interfaes is deprecated so I tryed to set multilple ip with iproute. If I set network interfaces only with iproute and not with ifconfig, network configuration seems to be absent. If I set network with ifconfig and not with iproute, network configuration seems ok So I can't to use iproute (to set interfaces) and iptables becacuse network configuration is absent. best regards marco -- Email.it, the professional e-mail, gratis per te: http://www.email.it/f Sponsor: Rinfresca la tua estate con i climatizzatori ed i ventilatori * che trovi disponibili? Crios, Orieme, Hokkaido, Argo, Carrier, Vortice Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=2650&d=20-7
