RE: iptables and virtual net interfaces?

From: Terry (terry@goantiques.com)
Date: 01/17/02


From: "Terry" <terry@goantiques.com>
To: "Steve Wampler" <sbw@tapestry.tucson.az.us>, <focus-linux@securityfocus.com>
Date: Thu, 17 Jan 2002 11:21:44 -0500

The current version 1.23 of iptables I've been using for the last 9 months
does not. On a side note (being a little off topic), you might want to
consider putting an extra NIC card in your firewall machine (a specific
eth1 or eth2). If you're doing firewalling and natd like I am from the same
box, you'd be pretty much physically separating your private network from
the outside by having the local machines interact solely with eth1 and
having your outside traffic interact with eth2. Then use iptables to control
how traffic passes between them (no chance of rogue packets flying around
your network. A definite must-have if you use hubs instead of switches).
Just my opinion.

-Terry
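
The two-interface layout described in the message above, as an added example that is not part of the original post: a shell function that emits an iptables-restore ruleset with default-drop forwarding between the inside and outside NICs. The interface roles (eth1 inside, eth2 outside) follow the post; the function name gen_rules, the subnet 192.168.1.0/24 and the choice of the conntrack match are assumptions made for illustration.

```shell
#!/bin/sh
# Emit an iptables-restore ruleset for a dual-homed firewall/NAT box.
# Usage: gen_rules LAN_IF WAN_IF LAN_NET
# gen_rules is a hypothetical helper; the subnet used below is a
# constructed sample value, not taken from the post.
gen_rules() {
    lan_if=$1 wan_if=$2 lan_net=$3
    if [ -z "$lan_if" ] || [ -z "$wan_if" ] || [ -z "$lan_net" ]; then
        echo "usage: gen_rules LAN_IF WAN_IF LAN_NET" >&2; return 2
    fi
    # The design depends on two distinct NICs; refuse anything else.
    if [ "$lan_if" = "$wan_if" ]; then
        echo "LAN and WAN must be different interfaces" >&2; return 1
    fi
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Hide the private network behind the outside interface address.
-A POSTROUTING -s $lan_net -o $wan_if -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Inside hosts may reach the firewall itself; tighten per service as needed.
-A INPUT -i $lan_if -s $lan_net -j ACCEPT
# Anti-spoofing: inside source addresses must never arrive from outside.
-A FORWARD -i $wan_if -s $lan_net -j DROP
# Inside to outside is allowed; outside to inside only as reply traffic.
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
-A FORWARD -i $wan_if -o $lan_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for review before loading it.
gen_rules eth1 eth2 192.168.1.0/24
```

To apply it, pipe the output into iptables-restore as root and enable net.ipv4.ip_forward; nothing is forwarded between the two NICs unless a FORWARD rule above allows it.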