On Mon, Nov 21, 2005 at 22:53:38 -0600, Jonathan Carpenter <jonathan.carpenter@xxxxxxxxx> wrote: > I message the list a few days ago on how to get a server setup with multiple > ip's everyone was very helpful, I was also wondering if I want to block ip's > to this server using iptables would I need to set rules per ip that the > machine has or just the main ip. For instance I have one server it's primary > ip is 10.1.1.1 <http://10.1.1.1> the other virtual ip are > 10.1.1.2<http://10.1.1.2> > ,10.1.1.3 <http://10.1.1.3>. Would I only have to configure iptables to > block ips to 10.1.1.1 <http://10.1.1.1> or all three ip's? If so how would I > go about this? If you don't specify a destination address than the rule will apply to any destination address. So that you can block all packets address to a particular port no matter which ip address was used for the machine. You might still end up having some rules that vary depending on the destination IP address, and for those you will need separate rules.