On 5/11/05, Ashley M. Kirchner <ashley@xxxxxxxxxx> wrote:
> The firewall machine has a public IP on eth0. I'm going to add
> another on eth0:0 (in the future I'll continue adding to eth0:1, eth0:2,
> etc., etc.)
> ...
> But that assumes the request comes in on the primary (eth0)
> address. How can I tell it to listen on the eth0:0 address/interface?

In general the -i and -o options to iptables only allow you to
match real network interfaces; they cannot distinguish among any
virtual or secondary addresses.

To do what you want you need to use IP address matching, -d or -s,
in combination with the interface, -i or -o, options.

--
Deron Meranda
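
The approach described in the reply above, as an added example that is not part of the original post: the alias label (eth0:0) is reduced to the real device for -i, and the alias's address is matched with -d. The INPUT chain, TCP ports, the 192.0.2.x documentation addresses, and the helper names `real_iface` and `alias_rule` are assumptions made for illustration; the script prints the rules rather than applying them.

```shell
#!/bin/sh
# Added example: build iptables rules for traffic addressed to an
# alias (eth0:0 style) address. Rules are printed, not applied.

# Strip the ":N" alias label. iptables -i/-o only match the real
# device name, so "eth0:0" must become "eth0".
real_iface() {
    printf '%s\n' "${1%%:*}"
}

# Print an INPUT rule accepting TCP to one port on one address.
# Args: interface or alias label, destination IPv4 address, TCP port.
# The chain, protocol and target are assumptions for this example.
alias_rule() {
    iface=$(real_iface "$1")
    addr=$2
    port=$3

    # Loose sanity checks: address is digits and dots only,
    # port is digits only. Reject anything else.
    case "$addr" in
        ''|*[!0-9.]*) echo "bad address: $addr" >&2; return 1 ;;
    esac
    case "$port" in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac

    # -i selects the physical interface, -d selects which of the
    # addresses on that interface the packet was sent to.
    printf 'iptables -A INPUT -i %s -d %s -p tcp --dport %s -j ACCEPT\n' \
        "$iface" "$addr" "$port"
}

# Constructed sample: two alias addresses on the same device.
alias_rule eth0:0 192.0.2.10 80
alias_rule eth0:1 192.0.2.11 443
```

Both printed rules use `-i eth0`; only the `-d` value tells the two aliases apart.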