Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 12 Nov 2006 17:25:54 +0300
From: "(GalaxyMaster)" <>
Subject: Re: VLAN + Owl


On Sun, Nov 12, 2006 at 12:44:01PM +0300, Maxim Timofeyev wrote:

> In rc.local? Our /etc/rc.d/init.d/networks don't support vlan. ;(
> rc.local startup after iptables and other...

Do you have any problems with that?  I doubt it.  Moreover, I think that
setting firewalling stuff _before_ network interfaces are brought up is
a good idea.  For example:

-bash-3.1# iptables -A INPUT -i eth123 -j ACCEPT
-bash-3.1# iptables -L INPUT -xv
Chain INPUT (policy ACCEPT 541 packets, 43553 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       0        0 ACCEPT     0    --  eth123 any     anywhere             anywhere
-bash-3.1# ip add ls
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet brd scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:02:44:04:98:e1 brd ff:ff:ff:ff:ff:ff
    inet brd scope global eth0

As you can see I have no eth123 device yet, but I could set the
appropriate iptables rule.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.