..siehe auch Configuration ! Liebe Liste, meine Anfrage gestern war wohl zu undifferenziert. Hier nochmal konkreter: Wie ist die Firewall zu konfigurieren, damit diese Pakete (S. Fehlerlog) nicht abgelehnt werden. Für jegliche Hinweise dankbar. LL Jul 24 21:30:08 linuxsrv pppd[4354]: Script /etc/ppp/ip-up started (pid 6329) Jul 24 21:30:08 linuxsrv ip-up: Modified /etc/resolv.conf for DNS at ppp0 Jul 24 21:30:08 linuxsrv SuSEfirewall: Firewall rules successfully set. Jul 24 21:30:08 linuxsrv pppd[4354]: Script /etc/ppp/ip-up finished (pid 6329), status = 0x0 Jul 24 21:30:16 linuxsrv kernel: Packet log: input DENY ppp0 PROTO=17 194.25.2.129:53 217.230.90.52:1040 L=129 S=0x00 I=39341 F=0x0000 T=60 (#84) Jul 24 21:30:20 linuxsrv kernel: Packet log: input DENY ppp0 PROTO=17 217.5.100.129:53 217.230.90.52:1040 L=129 S=0x00 I=57377 F=0x0000 T=55 (#84) Jul 24 21:30:22 linuxsrv kernel: Packet log: input DENY ppp0 PROTO=17 217.5.100.129:53 217.230.90.52:1040 L=129 S=0x00 I=57867 F=0x0000 T=55 (#84) Jul 24 21:30:33 linuxsrv pppd[4354]: sent [LCP EchoReq id=0x1 magic=0x4caf14e4] Jul 24 21:30:33 linuxsrv pppd[4354]: rcvd [LCP EchoRep id=0x1 magic=0xfa19d73] Jul 24 21:30:36 linuxsrv kernel: Packet log: input DENY ppp0 PROTO=17 217.5.100.129:53 217.230.90.52:1040 L=129 S=0x00 I=61577 F=0x0000 T=55 (#84) Jul 24 21:30:42 linuxsrv kernel: Packet log: input DENY ppp0 PROTO=17 194.25.2.129:53 217.230.90.52:1040 L=129 S=0x00 I=13922 F=0x0000 T=60 (#84) Jul 24 21:30:46 linuxsrv kernel: Packet log: input DENY ppp0 PROTO=17 217.5.100.129:53 217.230.90.52:1040 L=129 S=0x00 I=64717 F=0x0000 T=55 (#84) Jul 24 21:30:51 linuxsrv kernel: Packet log: input DENY ppp0 PROTO=17 194.25.2.129:53 217.230.90.52:1040 L=129 S=0x00 I=29243 F=0x0000 T=60 (#84) Konfiguration: FW_DEV_EXT="eth1 ppp0 ippp0" FW_DEV_INT="eth0 ippp1" FW_DEV_DMZ="" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_DEV="$FW_DEV_EXT" FW_MASQ_NETS="192.168.100.0/24" FW_PROTECT_FROM_INTERNAL="yes" FW_AUTOPROTECT_SERVICES="yes" FW_SERVICES_EXT_TCP="" # Common: smtp domain FW_SERVICES_EXT_UDP="domain" # Common: domain FW_SERVICES_DMZ_TCP="" # Common: smtp domain FW_SERVICES_DMZ_UDP="" # Common: domain syslog FW_SERVICES_INT_TCP="ssh smtp domain pop3 netbios-ssn 3128" FW_SERVICES_INT_UDP="domain syslog netbios-ns netbios-dgm 3128" FW_TRUSTED_NETS="" FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes" # Common: "ftp-data" FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes" # Common: "DNS" or "domain ntp" FW_SERVICE_DNS="yes" FW_SERVICE_DHCLIENT="no" # if you use dhclient to get an ip address FW_SERVICE_DHCPD="no" # set to "yes" if this server is a DHCP server FW_SERVICE_SAMBA="no" FW_FORWARD="yes" FW_LOG_DROP_CRIT="yes" FW_LOG_DROP_ALL="no" FW_LOG_ACCEPT_CRIT="yes" FW_LOG_ACCEPT_ALL="no" FW_KERNEL_SECURITY="yes" FW_STOP_KEEP_ROUTING_STATE="no" FW_ALLOW_PING_FW="yes" FW_ALLOW_PING_DMZ="no" FW_ALLOW_PING_EXT="no" FW_ALLOW_FW_TRACEROUTE="yes" -- Um die Liste abzubestellen, schicken Sie eine Mail an: suse-linux-unsubscribe@suse.com Um eine Liste aller verfügbaren Kommandos zu bekommen, schicken Sie eine Mail an: suse-linux-help@suse.com