On Mon, 2005-11-21 at 22:53 -0600, Jonathan Carpenter wrote: > I message the list a few days ago on how to get a server setup with > multiple ip's everyone was very helpful, I was also wondering if I > want to block ip's to this server using iptables would I need to set > rules per ip that the machine has or just the main ip. For instance I > have one server it's primary ip is 10.1.1.1 <http://10.1.1.1> the > other virtual ip are 10.1.1.2 <http://10.1.1.2>, 10.1.1.3 > <http://10.1.1.3>. Would I only have to configure iptables to > block ips to 10.1.1.1 <http://10.1.1.1> or all three ip's? If so how > would I go about this? I don't think you've really said enough about what you're hoping to do. But you can do wildcarding sort of rules, rules that apply to network blocks (e.g. 192.168.1.x, where x covers 0 to 255), rules that block everything, rules that allow some things, etc. So, you can, for example, block a webserver from everyone, then add one specific rule to allow access to it from one place. -- Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.
