Suse Firewall2 blocking own IP number
I have installed Suse 7.3 and setup SuseFirewall2. With one exception everything works well. I have a small network of three windows machines connected to a Suse 7.3 Linux server that is connected to an adsl modem through a network card. I have one public ip number for one card (eth0) thats connected to the adsl modem, and for the internal network (eth1) I have the number 192.168.1.1. Masquerading from inside to the outside works fine, but when I try to connect to my external ip from inside I get blocked and the console shows the following message. SuSE-FW-ACCESS_DENIED_FOR_INTIN=eth1 OUT= MAC=00:01:02:24:4d:23:00:60:08:c3:6e:a2:08:00 SRC=192.168.1.2 DST=194.236.28.27 LEN=48 TOS=0x08 PREC=0x00 TTL=64 ID=65293 PROTO=TCP SPT=1148 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402) What do I need to change in my configuration to allow me to get to my own IP number from the inside ? Bo Jangeborg Softwave Bo)
This problem existed in early SuSEfirewall2 scripts. ( I had it in v 1.3)
Update to latest one, which is SuSEfirewall2 v2.0
go to http://www.suse.com/~marc
----- Original Message -----
From: "Bo Jangeborg"
I have now updated to v2.0
Installed
reconfigured the config script
restarted the machine
Still the same problem.....
Checking through the CHANGED file
I noticed in v1.3
* Added special log message if internals try to access the external
IPs of the firewall
This seems to indicate that the blocking is done on purpouse.
Is there a way arond it ?
Bo)
----- Original Message -----
From: "Alex Levit"
This problem existed in early SuSEfirewall2 scripts. ( I had it in v 1.3) Update to latest one, which is SuSEfirewall2 v2.0 go to http://www.suse.com/~marc
----- Original Message ----- From: "Bo Jangeborg"
To: Sent: Thursday, November 22, 2001 3:45 AM Subject: [suse-security] Suse Firewall2 blocking own IP number I have installed Suse 7.3 and setup SuseFirewall2. With one exception everything works well. I have a small network of three windows machines connected to a Suse 7.3 Linux server that is connected to an adsl modem through a network card. I have one public ip number for one card (eth0) thats connected to the adsl modem, and for the internal network (eth1) I have the number 192.168.1.1.
Masquerading from inside to the outside works fine, but when I try to connect to my external ip from inside I get blocked and the console shows the following message.
SuSE-FW-ACCESS_DENIED_FOR_INTIN=eth1 OUT= MAC=00:01:02:24:4d:23:00:60:08:c3:6e:a2:08:00 SRC=192.168.1.2 DST=194.236.28.27 LEN=48 TOS=0x08 PREC=0x00 TTL=64 ID=65293 PROTO=TCP SPT=1148 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402)
What do I need to change in my configuration to allow me to get to my own IP number from the inside ?
Bo Jangeborg Softwave
Bo)
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
participants (2)
-
Alex Levit
-
Bo Jangeborg