[Firehol-support] server per interface troubles
Les Stott
les at cyberpro.com.au
Tue Dec 11 21:37:21 GMT 2007
Les Stott wrote:
> Sunny Dubey wrote:
>
>> hey guys
>>
>> I have a server with eth0 and eth1, both have public IPs that fully work on
>> the Internet. I have configured my webserver to listen only on eth1, and
>> have verified that it fully works.
>>
>> But the moment I attempt to use the following rules ... I can't reach my web
>> server anymore. What gives ?
>>
>>
>> interface "eth0 eth1" internet
>>
>> # We allow some stuff in
>> server ssh accept
>> server smtp accept
>> server http accept inface eth1
>>
>> Any ideas ??
>>
>>
>>
> i don't think you can do that with a server statement.
>
> you should just do this......
>
> interface eth0 internet
> # We allow some stuff in
> server ssh accept
> server smtp accept
>
> interface eth1 web-internet
> server http accept
>
> Its easier to follow that way.
>
>
but of course you remember something after you hit the send button ;)
you can do it like this.....
interface "eth0 eth1" internet
# We allow some stuff in
server ssh accept
server smtp accept
group with dst "<IPADDRESSofETH1>"
server http accept
group end
Regards,
Les
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.firehol.org/pipermail/firehol-support/attachments/20071212/b5ce0a4e/attachment-0003.html>
More information about the Firehol-support
mailing list