
#2 Problems filtering on a virtual interface

open
nobody
None
5
2004-10-21
2004-10-21
MikeC
No

Hi, pfilter seems to work perfectly with eth0, but I
can't seem to get it to behave with a virtual i/f, say
eth0:priv. By that I mean that it ignores any ports
I've asked to be opened for traffic using that virtual
i/f. Here are the relevant parts from the pfilter.conf
file:

PUBLIC ALL
%define condor_nodes 172.24.116.0/24
OPEN udp 9600:9700 FROM %condor_nodes%
OPEN tcp 9600:9700 FROM %condor_nodes%

Note that if I try to specify the following:

OPEN udp 9600:9700 FROM %condor_nodes% on eth0:priv

then pfilter fails to start with:

Restarting pfilter /usr/sbin/pfilter: error -
/usr/sbin/pfilter: error - invalid interface name
<eth0:priv> for open on line 117 in /etc/pfilter.conf

even though ifconfig gives:

eth0:priv Link encap:Ethernet HWaddr 00:07:E9:95:18:49
inet addr:172.24.116.7 Bcast:172.24.116.255
Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:11 Base address:0xdc00
Memory:ff9ff000-ff9ff038

I'm running v1.707 on Suse 9.0.

Thanks for any help!

MC
