Hi,
Check out www.suse.de/~marc
The SuSEfirewall 1.1 should be much better than the stuff on the current
distribution.
cheers
afx
----- Forwarded message from Jochen Mader -----
From: Jochen Mader
Organization: TEG
To: suse-security@suse.com
Date: Sun, 10 Oct 1999 17:00:49 +0200
Subject: [suse-security] Firewall with SuSE 6.2
I'm using SuSE 6.2 with the firewall package version 2.2 and decided to set up a
firewall to protect our servers because of the growing number of portscans and
attacks showing up in my logs.
I'm totally new to that whole thing and I just don't get what's wrong.
I got an internal net (192.168.0.0/24) and an external net (*.*.*.128/28), they
are connected through masquerading (works fine). The thing I'm trying to do is
to set up another box protecting the external net. The problem is that I got a
router (*.*.*.129) sitting in that external net which is handling the connections
to the internet, so I have to let all the traffic of the router pass through
the firewall. According to the documentation it should be no problem as it is
exactly the thing mentioned at the end of it.
So I set up a test-network with 3 PCs that resembles the real network the
firewall is supposed to protect:
I'M NOT FIREWALLING ANY PORTS
NET-MASK: 255.255.255.240
*.*.*.129 (router)
|
|
*.*.*.130 (eth1 on the firewall)
*.*.*.131 (eth0 on the firewall)
|
|
*.*.*.132 (a www-server, gateway set to *.*.*.131)
IP_FORWARDING is enabled.
Everything is running fine. The www-server is able to ping the firewall (both
devices), but it is not able to ping the router, nor is the firewall, and all
packages coming from the router are dropped due to the spoof-protection.
Now I set FW_ROUTER in rc.config to *.*.*.129. I thought that from now on I
should be able to ping the router from the www-server (or was I wrong) or from
the firewall. But when I started a ping from the firewall or the www-server
they don't get any reply. Now when I start a ping from the router to the
firewall or the www-server they also don't return, but I get a log entry that
the packages have been accepted.
Please help me, cause I got no idea of what I'm doing wrong.
----- End forwarded message -----
--
SuSE Muenchen GmbH Phone: +49-89-42769-0
Stahlgruberring 28 Fax: +49-89-42017701
D-81829 Muenchen, Germany
May the Source be with you!