I'm running a two-interface Red Hat 8 machine acting as a
firewall/router for a small local network. In addition, I have two
dial-in modems, which are ppp0 and ppp1. Users calling the modem
connected to ttyS0 are assigned the IP address 10.40.1.9, while users
calling the modem at ttyS1 are assigned 10.40.1.10. Depending on
which modem picked up first, the interface may be ppp0 for either
10.40.1.9. The same for ppp1.
I want to apply different rules to ttyS0 (10.40.1.9) than I do for
ttyS1 (10.40.1.10). Specifically, I want the users on 10.40.1.9 to be
blocked from using AIM/Yahoo/MSN/ICQ/Jabber, while I want the users
on 10.40.1.10 to have access to those services.
Currently my ppp connections are in one zone on interface ppp+. Is
there any way to have two ppp zones and have each zone associated
with the IP address I specify?
Thanks in advance.
David
Shorewall version 1.4.6b
==IP ADDR SHOW=
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:10:5a:11:ae:f7 brd ff:ff:ff:ff:ff:ff
    inet 172.16.1.2/24 brd 172.16.1.255 scope global eth0
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:10:5a:e4:a2:d7 brd ff:ff:ff:ff:ff:ff
    inet 10.40.1.1/24 brd 10.40.1.255 scope global eth1
==IP ROUTE SHOW=
172.16.1.0/24 dev eth0 scope link
10.40.1.0/24 dev eth1 scope link
127.0.0.0/8 dev lo scope link
default via 172.16.1.1 dev eth0
==/etc/shorewall/interfaces=
#ZONE   INTERFACE   BROADCAST     OPTIONS
net     eth0        172.16.1.2    routefilter
loc     eth1        10.40.1.255   dhcp
ppp     ppp+
==/etc/shorewall/zones=
#ZONE   DISPLAY   COMMENTS
net     Net       Internet
loc     Local     Local Network
ppp     PPP       Dialin users