Re: [owl-users] VLAN + Owl

From: GalaxyMaster (galaxy@private)
Date: Sun Nov 12 2006 - 06:25:54 PST


Maxim,

On Sun, Nov 12, 2006 at 12:44:01PM +0300, Maxim Timofeyev wrote:

> In rc.local? Our /etc/rc.d/init.d/networks don't support vlan. ;(
> rc.local startup after iptables and other...

Do you have any problems with that?  I doubt it.  Moreover, I think that
setting firewalling stuff _before_ network interfaces are brought up is
a good idea.  For example:

-bash-3.1# iptables -A INPUT -i eth123 -j ACCEPT
-bash-3.1# iptables -L INPUT -xv
Chain INPUT (policy ACCEPT 541 packets, 43553 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       0        0 ACCEPT     0    --  eth123 any     anywhere             anywhere
-bash-3.1# ip add ls
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:02:44:04:98:e1 brd ff:ff:ff:ff:ff:ff
    inet 172.16.0.77/24 brd 172.16.0.255 scope global eth0
-bash-3.1#

As you can see I have no eth123 device yet, but I could set the
appropriate iptables rule.

-- 
(GM)



This archive was generated by hypermail 2.1.3 : Sun Nov 12 2006 - 06:24:53 PST