On Wednesday 08 May 2002 16:11, Togan Muftuoglu wrote:
* Nick Selby;
on 08 May, 2002 wrote: It is always better to send replies back to the list You may need to fix your mail client or check before you click the mouse or hit the key
Sorry ...
Other than that the only thing I can see regarding the firewall setup is total gibberish to me:
SuSE-FW-DROP means it would have dropped the request if it was running ( not in the test version)
May 8 14:50:13 linux kernel: SuSE-FW-DROP-ANTI-SPOOF IN=eth0 OUT= MAC=00:d0:59:31:57:27:00:80:48:c9 :4a:7d:08:00 SRC=192.168.10.102 DST=192.168.10.4 LEN=153 TOS=0x00 PREC=0x00 TTL=128 ID=15021 DF PROT O=TCP SPT=1031 DPT=139
192.168.10.102 from Sourceport 1031 is sending a to 192.168.10.4 destination port 139 (SAMBA) ANTI-SPOOF means internal addresses 192.168/16 10/8 172.12/16 shoudl don be coming in to the external interface
Thanks for that
if version < SUSE 8.0 /etc/rc.config.d/firewall2.rc.config
if version = SuSE 8.0 /etc/sysconfig/SuSEfirewall2
Okay. Looked that over. Fine and dandy. Now from the email before, it seems clear that I need
And still having to allow tcp port 139 ... could that be the problem I was having earlier when nothing got out - that I still had to allow etc. etc?
have you permit port 139 to internal in your firewall2.rc.config Okay. TCP port 139. In the config file it says, I *THINK*, that I need to write it like this: "ftp", "139" - is that right? Now I get confused when I look at the directions within the page because it seems that there are a number of places I could do that: # FW_SERVICES_*_IP with the protocol name or number (see /etc/protocols) # # Choice: leave empty or any number of ports, known portnames (from # /etc/services) and port ranges seperated by a space. Port ranges are # written like this: allow port 1 to 10 -> "1:10" # e.g. "", "smtp", "123 514", "3200:3299", "ftp 22 telnet 512:514" # For FW_SERVICES_*_IP enter the protocol name (like "igmp") or number ("2") # # Common: smtp domain FW_SERVICES_EXT_TCP="http https pop3 pop3s rsync smtp ssh telnet" # Common: domain FW_SERVICES_EXT_UDP="" # Common: domain # For VPN/Routing which END at the firewall!! FW_SERVICES_EXT_IP="" # # Common: smtp domain FW_SERVICES_DMZ_TCP="" # Common: domain FW_SERVICES_DMZ_UDP="" # For VPN/Routing which END at the firewall!! FW_SERVICES_DMZ_IP="" # # Common: ssh smtp domain FW_SERVICES_INT_TCP="" # Common: domain syslog FW_SERVICES_INT_UDP="" # For VPN/Routing which END at the firewall!! FW_SERVICES_INT_IP="" Can anyone shed some more light? Thanks VERY much in advance, Nick