Re: firewall rules for subinterfaces

On Fri 15/10/2004 at 16:25, Andre Correa wrote:
> Hi, there is really no meaning on setting rules for subinterfaces. If 
> you need to segment your network and can't plug new NICs look for VLANs. 
> You can apply rules indicating VLAN interfaces (-i and -o) like this: 
> eth0.100, eth0.200, etc...

Definitely true.
Different IP address spaces on the same ethernet segment are a joke to
fool.

> Somebody correct me if I'm wrong but this was made possible under >= 2.6 
> kernel versions, on 2.4.x you can't do it either.

VLAN support is available for kernel >= 2.4.14 and 2.6. Otherwise, you
can find patches for >=2.2.13 at :

	http://www.candelatech.com/~greear/vlan.html

You can also find a "Linux VLAN + Cisco" HOWTO at :

	http://www.candelatech.com/~greear/vlan/cisco_howto.html


-- 
http://www.netexit.com/~sid/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
>> Hi! I'm your friendly neighbourhood signature virus.
>> Copy me to your signature file and help me spread!
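
An added example, not part of the original message: the sketch below prints (it does not execute) the commands for two 802.1Q VLAN interfaces on one NIC and FORWARD rules that match them with -i and -o, as the thread describes. The parent eth0, VLAN IDs 100 and 200, TCP port 443 and the use of current iproute2 syntax are assumptions, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: emits commands as text so the rule set can be reviewed
# before anyone applies it as root. All values below are assumed samples.

# valid_vid ID -> succeeds only for a usable 802.1Q VLAN ID (1..4094)
valid_vid() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;   # empty or non-numeric
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 4094 ]
}

# vlan_fw_rules PARENT SRC_VID DST_VID TCP_PORT
# Prints interface setup plus a default-drop FORWARD policy that lets only
# new TCP connections from VLAN SRC_VID to VLAN DST_VID on TCP_PORT through.
vlan_fw_rules() {
    parent=$1 src=$2 dst=$3 port=$4
    valid_vid "$src" && valid_vid "$dst" || { echo "bad VLAN ID" >&2; return 1; }
    in_if="$parent.$src"     # e.g. eth0.100
    out_if="$parent.$dst"    # e.g. eth0.200
    cat <<EOF
ip link add link $parent name $in_if type vlan id $src
ip link add link $parent name $out_if type vlan id $dst
ip link set $in_if up
ip link set $out_if up
iptables -P FORWARD DROP
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $in_if -o $out_if -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT
EOF
}

# Constructed sample invocation
vlan_fw_rules eth0 100 200 443
```

Because each VLAN has its own interface name, traffic in the reverse direction (eth0.200 to eth0.100) is only accepted as replies to established connections.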


