] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0 0 Jan 2 14:42:05 linux pppd[1911]: sent [LCP ConfAck id=0xec
Hello all,
I am trying to setup my SuSEfirewall2. My network:
eth0 = extern (DSL)
eth1= intern (192.168.0.55 / Netmask 255.255.255.0).
You find my settings below. After FW2-Start I become with my Computer no
answer from the internet (no connect with browser or mail-program). After I
changed the variable FW2_Start to "no" and run /sbin/SuSEconfig nothing
happens. Only a restart sets the FW2-Start to no.
I hope for any tips to become my firewall running
Thanks
Andreas
My Firewall-settings:
FW_DEV_EXT="eth0"
FW_DEV_INT="eth1"
FW_DEV_DMZ=""
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_MASQ_DEV="$FW_DEV_EXT"
FW_MASQ_NETS="192.168.0.0/24"
FW_PROTECT_FROM_INTERNAL="no"
FW_AUTOPROTECT_SERVICES="yes"
FW_SERVICES_EXT_TCP=""
FW_SERVICES_EXT_UDP="13 53"
FW_SERVICES_EXT_IP=""
FW_SERVICES_DMZ_TCP=""
FW_SERVICES_DMZ_UDP=""
FW_SERVICES_DMZ_IP=""
FW_SERVICES_INT_TCP="22 53 80 8080 110 10001 3128 139 smtp ssh"
FW_SERVICES_INT_UDP="53"
FW_SERVICES_INT_IP=""
FW_TRUSTED_NETS=""
FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes"
FW_SERVICE_AUTODETECT="no"
FW_SERVICE_DNS="no"
FW_SERVICE_DHCLIENT="no"
FW_SERVICE_DHCPD="no"
FW_SERVICE_SQUID=""
FW_SERVICE_SAMBA="no"
FW_FORWARD=""
FW_FORWARD_MASQ=""
FW_REDIRECT=""
----------------------------------------------------------------------
The output of route -n:
Kernel IP Routentabelle
Ziel Router Genmask Flags Metric Ref Use Iface
217.5.98.70 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.5.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
0.0.0.0 217.5.98.70 0.0.0.0 UG 0 0 0 ppp0
---------------------------------------------------------------------
The output of /var/log/messages:
Jan 2 14:41:51 linux smpppd[1118]: connected on local socket
Jan 2 14:42:04 linux pppd[1911]: Plugin pppoe.so loaded.
Jan 2 14:42:04 linux kernel: CSLIP: code copyright 1989 Regents of the
Universi
ty of California
Jan 2 14:42:04 linux kernel: PPP generic driver version 2.4.1
Jan 2 14:42:04 linux pppd[1911]: PPPoE Plugin Initialized
Jan 2 14:42:05 linux pppd[1911]: Plugin passwordfd.so loaded.
Jan 2 14:42:05 linux pppd[1911]: pppd 2.4.1 started by root, uid 0
Jan 2 14:42:05 linux pppd[1911]: Sending PADI
Jan 2 14:42:05 linux pppd[1911]: HOST_UNIQ successful match
Jan 2 14:42:05 linux pppd[1911]: HOST_UNIQ successful match
Jan 2 14:42:05 linux pppd[1911]: Got connection: 1ebf
Jan 2 14:42:05 linux pppd[1911]: Connecting PPPoE socket: 00:90:1a:10:02:54
bf1
e eth0 0x8086678
Jan 2 14:42:05 linux pppd[1911]: using channel 1
Jan 2 14:42:05 linux pppd[1911]: Using interface ppp0
Jan 2 14:42:05 linux pppd[1911]: Connect: ppp0 <--> eth0
Jan 2 14:42:05 linux pppd[1911]: Couldn't increase MTU to 1500.
Jan 2 14:42:05 linux pppd[1911]: Setting MTU to 1492.
Jan 2 14:42:05 linux pppd[1911]: Couldn't increase MRU to 1500
Jan 2 14:42:05 linux pppd[1911]: sent [LCP ConfReq id=0x1
* Andreas Mantke;
My Firewall-settings: FW_DEV_EXT="eth0"
changed this to ppp0 as PPPOE is using ppp not ethernet
Jan 2 14:42:05 linux pppd[1911]: using channel 1 Jan 2 14:42:05 linux pppd[1911]: Using interface ppp0 Jan 2 14:42:05 linux pppd[1911]: Connect: ppp0 <--> eth0
-- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx
] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0 0 Jan 2 14:42:05 linux pppd[1911]: sent [LCP ConfAck id=0xec
Hi!
When you establish a DSL connection with pppoe, all the traffic goes thru
the ppp0 interface. You must configure the ppp0 interface as the external
interface in Suse Firewall.
Change FW_DEV_EXT="eth0" to FW_DEV_EXT="ppp0".
Good Luck.
Alberto
----- Original Message -----
From: "Andreas Mantke" --
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@suse.com
Security-related bug reports go to security@suse.de, not here
Hallo Alberto, hello Togan, Am Donnerstag, 2. Januar 2003 16:17 schrieb Alberto Rodas Hettich:
Hi!
When you establish a DSL connection with pppoe, all the traffic goes thru the ppp0 interface. You must configure the ppp0 interface as the external interface in Suse Firewall. Change FW_DEV_EXT="eth0" to FW_DEV_EXT="ppp0".
Thanks, that was my mistake. Now the system is in function.
Good Luck.
Alberto
Andreas
participants (3)
-
Alberto Rodas Hettich
-
Andreas Mantke
-
Togan Muftuoglu