Alias reference in iptables

Alias reference in iptables

[Cloves Pereira Costa Jr]

Hi all...

I have a doubt...

I'm configuring a linux router and i will create some alias in the LAN
interface (eth1) for a network 10.1.1.0/27. For example:
eth1 --> 10.1.1.33
eth1:0 --> 10.1.1.65
eth1:1 --> 10.1.1.97
...

My question is: I can use in iptables rules the reference to the alias
interfaces (eth1:0, eth1:1, ...) or I can only refer to the main
interface (eth1)?

Example: iptables -A FORWARD -i eth1:0 -s 10.1.1.68 -o eth2 -d 10.1.2.5
-p tcp --dport 80 -j ACCEPT


[]s

-- 
Cloves Jr

Re: Alias reference in iptables

[Pascal Hambourg]

Hello,

Cloves Pereira Costa Jr a écrit :
> 
> I'm configuring a linux router and i will create some alias in the LAN
> interface (eth1) for a network 10.1.1.0/27. For example:
> eth1 --> 10.1.1.33
> eth1:0 --> 10.1.1.65
> eth1:1 --> 10.1.1.97
> ...
> 
> My question is: I can use in iptables rules the reference to the alias
> interfaces (eth1:0, eth1:1, ...)

No. IP aliases are just extra addresses, not interfaces. IP aliases are 
some kind of old IPv4-specific legacy used by ifconfig. They are not 
required to add extra IPv4 addresses to an interface and do not even 
exist in IPv6.

> or I can only refer to the main interface (eth1)?

Yes. Same with routing : you won't find any alias name in the routing table.