Results 1 to 2 of 2

Thread: Multiple public IP ranges on firewall / Keepalived

  1. #1
    Join Date
    Jan 2008

    Multiple public IP ranges on firewall / Keepalived


    I have currently a setup which contains a /27 range of 89.XX ip-addresses. I am using Ubuntu as my firewall ,now i received a new /26 range of 77.XX ip adddresses and i want to configure them as well on the same port in my firewallscript and keepalive config. Using eth0:1 is not working using IP-Tables and eth0 already has 1 89.XX ip assigned to itself.

    Any suggestions on how to get this configuration working ?

  2. #2
    Join Date
    May 2008

    Re: Multiple public IP ranges on firewall / Keepalived

    iptables will apply any eth0 rules to any virtual interfaces attached to eth0 (eth0:0, eth0:1, ...).

    You can also filter it separately using the new IP range, like `-d 77.xx.xx.xx/26'. So, to just accept all packets to the two ranges would require something like:

    iptables -A INPUT -i eth0 -d 89.xx.xx.xx/27 -j ACCEPT
    iptables -A INPUT -i eth0 -d 77.xx.xx.xx/26 -j ACCEPT
    If that still doesn't answer your question, you might try googling "iptables virtual interface" for other options.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts