RE: [pmfirewall] Probable FAQ

From: Franki (franki@gshop.com.au)
Date: Thu May 31 2001 - 23:21:07 PDT

• Next message: Steven W. Orr: "[pmfirewall] Question about how to do it with RH-7.1."
• Previous message: Robert Kearey: "[pmfirewall] Probable FAQ"
• In reply to: Robert Kearey: "[pmfirewall] Probable FAQ"
• Next in thread: Steven W. Orr: "[pmfirewall] Question about how to do it with RH-7.1."
• Reply: Steven W. Orr: "[pmfirewall] Question about how to do it with RH-7.1."

I have my setup running 7 virtual iP's works fine...

first step is to open pmfirewall.conf in an editor....

then find this line.

OUTERNET=$OUTERIP/$OUTERMASK

and add something like this under it...

OUTERNET2=204.49.12.55/255.255.255.0
OUTERNET3=204.49.12.56/255.255.255.0
OUTERNET4=204.49.12.57/255.255.255.0
OUTERNET5=204.49.12.58/255.255.255.0

Where they are your virtual IP's

Then save and close that and open pmfirewall.rules.local

then simply replicate the allow rules that you want to work with the other
interface
and replace OUTERNET in that rule with OUTERNET2, or OUTERNET3 or OUTERNET4
you get the idea...

as you have seen deny rules are not required as they are denied by default.

Restart pmfirewall with ./pmfirewall restart and you are off and running..

hope this helps,,,

regards

Frank

-----Original Message-----
From: owner-pmfirewall@pointman.org
[mailto:owner-pmfirewall@pointman.org]On Behalf Of Robert Kearey
Sent: Friday, 1 June 2001 10:22 AM
To: pmfirewall@pointman.org
Subject: [pmfirewall] Probable FAQ

This is probably a FAQ, but anway.

Is it possible to use pmfirewall on a single NIC with two virtual
interfaces? For example, eth0 and eth0:0.

I'm attempting to do this, but the all ports on the card are being
blocked - not what I want.

--
Rob Kearey
Red Hat Asia-Pacific
+617 3872 4803
****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall"
* in the message body to majordomo@pointman.org. Please direct other
* questions, comments, or problems to pmfirewall-owner@pointman.org.
*
*           Need answers fast? Check the list archive located at:
*             http://www.pointman.org/PMFirewall/list-archive/
*
****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall"
* in the message body to majordomo@pointman.org. Please direct other
* questions, comments, or problems to pmfirewall-owner@pointman.org.
*
*           Need answers fast? Check the list archive located at:
*             http://www.pointman.org/PMFirewall/list-archive/
*

• Next message: Steven W. Orr: "[pmfirewall] Question about how to do it with RH-7.1."
• Previous message: Robert Kearey: "[pmfirewall] Probable FAQ"
• In reply to: Robert Kearey: "[pmfirewall] Probable FAQ"
• Next in thread: Steven W. Orr: "[pmfirewall] Question about how to do it with RH-7.1."
• Reply: Steven W. Orr: "[pmfirewall] Question about how to do it with RH-7.1."

This archive was generated by hypermail 2b29 : Sun Jun 10 2001 - 02:41:42 PDT