Hi, I am currently dealing with the SuSEfirewall 9.3 and I hope that somebody knows more or figured out more about it then the pour documentation tries to do. I did work quiet a while on the iptables but this SuSE system really does not make a difference in terms of complexity. Sorry. Is there any better documentation about it then you can find in /usr/share/doc/packages/SuSEfirewall2 I found these two scripts e.g.: SuSEfirewall2_init SuSEfirewall2_setup Why does SuSE needs two scripts? Does SuSE plan to change main things on the firewall system in future? Since they did from version to version. Regards, Robert.
Hi Robert, Robert Uhl wrote:
Hi,
I am currently dealing with the SuSEfirewall 9.3 and I hope that somebody knows more or figured out more about it then the pour documentation tries to do. I did work quiet a while on the iptables but this SuSE system really does not make a difference in terms of complexity. Sorry.
Is there any better documentation about it then you can find in /usr/share/doc/packages/SuSEfirewall2
I found these two scripts e.g.:
There are three of them ;-) ls /etc/init.d/rc5.d/*fire* /etc/init.d/rc5.d/K01SuSEfirewall2_final /etc/init.d/rc5.d/K09SuSEfirewall2_setup /etc/init.d/rc5.d/K21SuSEfirewall2_init /etc/init.d/rc5.d/S01SuSEfirewall2_init /etc/init.d/rc5.d/S13SuSEfirewall2_setup /etc/init.d/rc5.d/S21SuSEfirewall2_final
SuSEfirewall2_init SuSEfirewall2_setup
SuSE uses this to get around some Problems regarding Security during the Boot-Process. First closing everything, then, after Network config, opening specific Ports/Interfaces. IMHO there are two ways to handle SuSEfirewall. a:) Let Yast do everything. Yes you have to configure Yast anyway ;-) Yast supports some Files for youre own rules. b:) Deinstall SuSEfirewall and use something different. Greetings Dirk TRIA IT-consulting GmbH Joseph-Wild-Straße 20 81829 München Germany Tel: +49 (89) 92907-0 Fax: +49 (89) 92907-100 http://www.tria.de Registergericht München HRB 113466 USt.-IdNr. DE 180017238 Steuer-Nr. 802/40600 Geschäftsführer: Richard Hofbauer kaufm. Geschäftsleitung: Rosa Igl-------------------------------------------------------- Nachricht von: Dirk.Schreiner@tria.de Nachricht an: RobertUhl@web.de, suse-security@suse.com # Dateianhänge: 0
hi, you can find useful .pdf about SuSEFirewall2 at http://prdownloads.sourceforge.net/susefaq/ it's named firewall2-a3-0-9.pdf it also explains why SuSE has 3 init scripts for firewall. Regards, Michael Groisman email: mg@research.haifa.ac.il Unix Systems Administrator voice: 04-8240401 (#2401) Computing Division mobile: 052-5277147 University of Haifa On Wed, 23 Nov 2005, Robert Uhl wrote:
Hi,
I am currently dealing with the SuSEfirewall 9.3 and I hope that somebody knows more or figured out more about it then the pour documentation tries to do. I did work quiet a while on the iptables but this SuSE system really does not make a difference in terms of complexity. Sorry.
Is there any better documentation about it then you can find in /usr/share/doc/packages/SuSEfirewall2
I found these two scripts e.g.:
SuSEfirewall2_init SuSEfirewall2_setup
Why does SuSE needs two scripts?
Does SuSE plan to change main things on the firewall system in future? Since they did from version to version.
Regards, Robert.
Michael, On Wednesday 23 November 2005 03:55, Michael Groisman wrote:
hi, you can find useful .pdf about SuSEFirewall2 at http://prdownloads.sourceforge.net/susefaq/ it's named firewall2-a3-0-9.pdf
Perhaps it's "firewall2-a4-0-9.pdf" with the companion in U.S. Letter paper size "firewall2-ltr-0-9.pdf" It also appears that many of the configured mirrors actaully do not hold these documents. I finally found one in the Kent, U.K. mirror, which is very slow...
it also explains why SuSE has 3 init scripts for firewall.
Regards, Michael Groisman
Randall Schulz
participants (4)
-
Dirk Schreiner
-
Michael Groisman
-
Randall R Schulz
-
Robert Uhl