Would not be able to block spoofed ip's though from 192.168.0.0 network.... -----Original Message----- From: redhat-list-admin@xxxxxxxxxx [mailto:redhat-list-admin@xxxxxxxxxx]On Behalf Of Sasa Stupar Sent: Tuesday, November 04, 2003 2:34 AM To: redhat-list@xxxxxxxxxx Subject: Re: Can iptables do this? In the configuration you have option if you want to have a router or not. So you can have only firewall without gateway and for so you don't need two NIC. Ding Li wrote: > No. I don't want the server to be a gateway for the other m/c. All the > other m/c don't need to > have access to the internet. Can I do this with only one network card? > I did some > search on google. Someone said it is ip aliasing and may need to > compile the kernel. But I don't > know the details. > > I know it's much easier to set it up if I have two network cards. > > Ding > > cldavis99@xxxxxxxxxxxxx wrote: > >> More info plz... >> >> Are you using this as a gateway to the internet for the other computers? >> >> If so, it's worth the $20 for another NIC. >> >> -----Original Message----- >> From: redhat-list-admin@xxxxxxxxxx >> [mailto:redhat-list-admin@xxxxxxxxxx]On Behalf Of Sasa Stupar >> Sent: Tuesday, November 04, 2003 1:44 AM >> To: redhat-list@xxxxxxxxxx >> Subject: Re: Can iptables do this? >> >> >> Ding Li wrote: >> >> >> >>> My server has only one network card and I put two ip addresses on >>> it. One is the normal one and the other is the local network >>> address. The problem is HOW can I disable the firewall(iptables) >>> within the local network(eth0:0) and only within the local network? >>> Say I can connect to the server from any machine within the local >>> network,say 192.168.0.2, or 192.168.0.10. But I can't connect to the >>> server from outside,say 128.97.10.100 unless >>> I use ssh. >>> >>> # /sbin/ifconfig >>> eth0 Link encap:Ethernet HWaddr 00:B0:D0:17:CB:63 >>> inet addr:128.97.10.123 Bcast:128.97.10.255 >>> Mask:255.255.255.0 >>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >>> RX packets:152377 errors:0 dropped:0 overruns:1 frame:0 >>> TX packets:19528 errors:0 dropped:0 overruns:0 carrier:0 >>> collisions:459 txqueuelen:100 >>> RX bytes:18778612 (17.9 Mb) TX bytes:14614270 (13.9 Mb) >>> Interrupt:11 Base address:0xec00 >>> >>> eth0:0 Link encap:Ethernet HWaddr 00:B0:D0:17:CB:63 >>> inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0 >>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >>> RX packets:152377 errors:0 dropped:0 overruns:1 frame:0 >>> TX packets:19528 errors:0 dropped:0 overruns:0 carrier:0 >>> collisions:459 txqueuelen:100 >>> RX bytes:18778612 (17.9 Mb) TX bytes:14614270 (13.9 Mb) >>> Interrupt:11 Base address:0xec00 >>> >>> lo Link encap:Local Loopback >>> inet addr:127.0.0.1 Mask:255.0.0.0 >>> UP LOOPBACK RUNNING MTU:16436 Metric:1 >>> RX packets:47572 errors:0 dropped:0 overruns:0 frame:0 >>> TX packets:47572 errors:0 dropped:0 overruns:0 carrier:0 >>> collisions:0 txqueuelen:0 >>> RX bytes:3471556 (3.3 Mb) TX bytes:3471556 (3.3 Mb) >>> >>> Ding >>> >>> >>> >> >> Consider using Firestarter http://firestarter.sourceforge.net >> GUI frontend for iptables, runs in GNOME, very easy for managing >> iptables. >> >> >> >> > > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
