[Firehol-support] Question about virtual interface
Tony Peña
emperor.cu at gmail.com
Fri Apr 26 23:46:35 BST 2013
Hi,

I'm wondering how I can set up a firehol.conf with 1 physical and 1 virtual interface at the same time.

I now have a server outside of my country, and it is very difficult if I try to set up iptables security and lose my connection...

I have used firehol before with normal ethernets... eth0 and eth1, but never with eth0:1...

So, I've got this...

eth0 and eth0:1 into the server from:
internet.......cisco....[real-wan-ip] nat inside eth0....10.x.y.z
internet.......same cisco [real-wan-ip+1] nat inside eth0:1 ....10.x.y.z+1

If I try:
interface eth0 phy-net
    policy drop
    server icmp accept
    server ssh accept
    client all accept

interface eth0:1 virt-net
    policy drop
    server icmp accept
    server ssh accept
    client all accept

I can't hit eth0 or eth0:1 with icmp / ssh ping...

For other reasons I need to use this eth0:1, to be able to use another service running there.

Any help will be appreciated...

My server is only supported now by fail2ban, to try keeping out attacks... I'm missing my firehol.conf to defend it harder..

Question: if I type firehol try and still can't commit the changes, is it very secure to recover my connection as before, with my ssh restored, because I now have 0 rules applied?

Thanks in advance
--
Antonio Peña
Secure email with PGP 0x8B021001 available at http://pgp.mit.edu
Fingerprint: 74E6 2974 B090 366D CE71 7BB2 6476 FA09 8B02 1001