[SunHELP] restrict outbound traffic of second interface
Dale Ghent
daleg at elemental.org
Tue Jan 11 23:50:18 CST 2005
On Jan 11, 2005, at 8:56 PM, Tim Gallagher wrote:
> From looking in the archives and google it appears that a simple "route
> add"
> statement should do it, but the precise syntax eludes me. Also, what
> is the
> best method to have it persist after reboots? ...a start script?
This is simple - just ifconfig up the interface with the correct
netmask and leave it at that.
So this means just configuring the interface via
/etc/hostsname.<interface> and /etc/netmasks to make only that network
visible through that interface. The best part is that you won't have to
add any route statements to do this.
If your backup network of 10.2.4.0 is a /24 for example, just put the
following in /etc/netmasks:
10.2.4..0 255.255.255.0
and the only network that your machine will know how to talk to through
that interface would be just 10.2.4.0/24, which I assume is what you
want.
Note that if you do not include that /etc/netmasks entry, ifconfig will
default to a /8 netmask because of the 10.0.0.0 address and will use it
to try to talk to any address on 10.0.0.0.
/dale
More information about the SunHELP
mailing list