thr3ads.net - Shorewall users - [Shorewall-users] Extension scripts and IP alias [Aug 2003]

If this information is useful, please help other people find it:
Share via:

Julien Tognazzi

2003-Aug-06 01:41 UTC

[Shorewall-users] Extension scripts and IP alias

Hello,

I''m not sure how I should do what I need...
My current iptables fw (not yet shorewall) has 3 IP aliases:
 - One for a static nat box
 - One for masquerading
 - and one for port forwarding DNAT to an inside box

I found how to tell shorewall to create the IP alias for the first two,
but not for the DNAT one.

Can someone confirm that this is currently not possible ?

Then I tried to create this last alias with the extension script, 
so in "start" I have run_ip addr add ....
and in "stop" run_ip addr del

But as the start script is also run during shorewall restart (but not
the stop script), it fails because the alias already exists.

(hmm, I''m not sure I make myself clear...)

What could be the best way to achieve this particular config ?

thanks for any advice.
-- 
Julien Tognazzi <Julien.Tognazzi@auteuil.inserm.fr>
Inserm - MSSI

Tom Eastep

2003-Aug-06 07:22 UTC

head link

[Shorewall-users] Extension scripts and IP alias

On Wed, 2003-08-06 at 01:41, Julien Tognazzi wrote:
> 
> What could be the best way to achieve this particular config ?
> 
Why don''t you simply use your distribution''s mechanism for
creating
aliases?

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

Shorewall users - Aug 2003 - Extension scripts and IP alias

[Shorewall-users] Extension scripts and IP alias

[Shorewall-users] Extension scripts and IP alias