Hi!
first of all thank you for your good work. But where did you put the SuSEfirewall2 v1.9 tarball?
all my betas can be downloaded from http://www.suse.de/~marc/suse Greets, Marc
On 3 Nov 2001 at 13:26, Marc Heuse wrote:
Hi folks,
SuSEfirewall v1.9 is now available - with correct version number and with all files ;-)
background: I forgot to change the version number to 1.8 in the last release, after a user reminded me, I repacked it, however because the filesystem was full, SuSEfirewall was not in the package ... argh sorry for the inconvinience.
Greets, Marc -- E@mail: marc@suse.de Function: Security Research and Advisory PGP: "lynx -source http://www.suse.de/~marc/marc.pgp | pgp -fka" Key fingerprint = B5 07 B6 4E 9C EF 27 EE 16 D9 70 D4 87 B5 63 6C Private: http://www.suse.de/~marc SuSE: http://www.suse.de/security
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- Greets, Marc -- E@mail: marc@suse.de Function: Security Research and Advisory PGP: "lynx -source http://www.suse.de/~marc/marc.pgp | pgp -fka" Key fingerprint = B5 07 B6 4E 9C EF 27 EE 16 D9 70 D4 87 B5 63 6C Private: http://www.suse.de/~marc SuSE: http://www.suse.de/security
Hi Marc! Thank you very much for providing SuSEFirewall2 to those who are not experts in firewalls and stil can get some security. I have an ISDN connection and enabled firewall for ippp0 as it is stated in the EXAMPLES file. However, I still (the same was in the V1.8) get some error while booting the system: iptables v1.1.2: Unknown arg '--clamp-mss-to-pmt'. I dont' understand what it is, but the above mentioned argument is present at the end of SuSEfirewall2 script. What's wrong? Sincerely, Sasa
Looks like a bug in Marc's script the rule is supposed to be
$IPTABLES -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j
TCPMSS --clamp-mss-to-pmtu
there is a missing 'u' at the end. ;^)
MTU stands for 'Maximum Transmission Unit' and,
as its name implies, is the maximum size of each packet sent (in octets).
Edit your /sbin/SuSEfirewall2 this line is almost @ the very bottom.
Also your'e using the old iptables wich has ftp vulnerabilty in it.
Donload an update from SuSE to iptables-1.2.1a-37 or download
and compile the latest from netfilter.samba.org
Good luck.
----- Original Message -----
From: "Sasa Janiska"
Hi Marc!
Thank you very much for providing SuSEFirewall2 to those who are not experts in firewalls and stil can get some security.
I have an ISDN connection and enabled firewall for ippp0 as it is stated in the EXAMPLES file.
However, I still (the same was in the V1.8) get some error while booting the system: iptables v1.1.2: Unknown arg '--clamp-mss-to-pmt'.
I dont' understand what it is, but the above mentioned argument is present at the end of SuSEfirewall2 script.
What's wrong?
Sincerely, Sasa
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Hi, yeah thats right, the "u" is missing ... weird that the module does not bail for an unknown option, *sigh* will be fixed in v2.0 (soon) Greets, Marc
Looks like a bug in Marc's script the rule is supposed to be $IPTABLES -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
there is a missing 'u' at the end. ;^) MTU stands for 'Maximum Transmission Unit' and, as its name implies, is the maximum size of each packet sent (in octets).
Edit your /sbin/SuSEfirewall2 this line is almost @ the very bottom.
Also your'e using the old iptables wich has ftp vulnerabilty in it. Donload an update from SuSE to iptables-1.2.1a-37 or download and compile the latest from netfilter.samba.org
Good luck.
----- Original Message ----- From: "Sasa Janiska"
To: Sent: Sunday, November 04, 2001 12:40 PM Subject: Re: [suse-security] SuSEfirewall2 v1.9 Hi Marc!
Thank you very much for providing SuSEFirewall2 to those who are not experts in firewalls and stil can get some security.
I have an ISDN connection and enabled firewall for ippp0 as it is stated in the EXAMPLES file.
However, I still (the same was in the V1.8) get some error while booting the system: iptables v1.1.2: Unknown arg '--clamp-mss-to-pmt'.
I dont' understand what it is, but the above mentioned argument is present at the end of SuSEfirewall2 script.
What's wrong?
Sincerely, Sasa
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- Greets, Marc -- E@mail: marc@suse.de Function: Security Research and Advisory PGP: "lynx -source http://www.suse.de/~marc/marc.pgp | pgp -fka" Key fingerprint = B5 07 B6 4E 9C EF 27 EE 16 D9 70 D4 87 B5 63 6C Private: http://www.suse.de/~marc SuSE: http://www.suse.de/security
participants (3)
-
Alex Levit
-
marc@suse.de
-
Sasa Janiska