[SunHELP] restrict outbound traffic of second interface
Tim Gallagher
timg98376 at comcast.net
Wed Jan 12 11:37:13 CST 2005
I am missing how a line in /etc/netmasks is being associated with only the
second interface and not the primary also.
-----Original Message-----
From: sunhelp-bounces at sunhelp.org [mailto:sunhelp-bounces at sunhelp.org]On
Behalf Of Dale Ghent
Sent: Tuesday, January 11, 2005 9:50 PM
To: The SunHELP List
Subject: Re: [SunHELP] restrict outbound traffic of second interface
On Jan 11, 2005, at 8:56 PM, Tim Gallagher wrote:
> From looking in the archives and google it appears that a simple "route
> add"
> statement should do it, but the precise syntax eludes me. Also, what
> is the
> best method to have it persist after reboots? ...a start script?
This is simple - just ifconfig up the interface with the correct
netmask and leave it at that.
So this means just configuring the interface via
/etc/hostsname.<interface> and /etc/netmasks to make only that network
visible through that interface. The best part is that you won't have to
add any route statements to do this.
If your backup network of 10.2.4.0 is a /24 for example, just put the
following in /etc/netmasks:
10.2.4..0 255.255.255.0
and the only network that your machine will know how to talk to through
that interface would be just 10.2.4.0/24, which I assume is what you
want.
Note that if you do not include that /etc/netmasks entry, ifconfig will
default to a /8 netmask because of the 10.0.0.0 address and will use it
to try to talk to any address on 10.0.0.0.
/dale
_______________________________________________
SunHELP maillist - SunHELP at sunhelp.org
http://www.sunhelp.org/mailman/listinfo/sunhelp
More information about the SunHELP
mailing list