Hi everyone, I'm currently playing with AutoYaST on a scratch system, with a view to using SuSE 9.0+AutoYAST in place of Redhat 9+Kickstart on some of our servers. AutoYaST works rather nicely, but I'm having a couple of teething problems which is probably down to ignorance on my part. My test install environment is based on the GRUB boot floppy found at: ftp://ftp.suse.com/pub/people/nashif/autoinstall/ I'm looking at an install environment which uses TFTP for boot images and autoyast files but which uses manually configured IP addresses supplied by the grub and autoyast configurations. I don't trust DHCP on our network, simply because of the large numbers of different groups who run servers. Problem #1: Spurious DHCP requests ================================== Unless I switch off forceboot and reboot in the autoyast.xml file: <mode> <confirm config:type="boolean">true</confirm> <forceboot config:type="boolean">false</forceboot> <reboot config:type="boolean">false</reboot> </mode> the system reboots and attempts a DHCP lookup on eth0 before setting up the static IP address which I have specified in the autoyast.xml file: <networking> ... <interfaces config:type="list"> <interface> <bootproto>static</bootproto> <broadcast>131.111.255.255</broadcast> <device>eth0</device> <ipaddr>131.111.11.209</ipaddr> <netmask>255.255.0.0</netmask> <network>131.111.0.0</network> <startmode>onboot</startmode> </interface> </interfaces> ... </networking> Is there another way of stopping the redundant DHCP request? At best this leads to a delay until the request times out. At worse the machine could end up with an invalid configuration. Problem #2: Firewall configuration ================================== /sbin/yast2 autoyast provides a screen for configurating a firewall which generates the following in autoyast.xml: <firewall> <fw_allow_fw_traceroute>yes</fw_allow_fw_traceroute> <fw_autoprotect_services>yes</fw_autoprotect_services> <fw_dev_ext>eth0</fw_dev_ext> <fw_dev_int></fw_dev_int> <fw_log_accept_all>no</fw_log_accept_all> <fw_log_accept_crit>yes</fw_log_accept_crit> <fw_log_drop_all>no</fw_log_drop_all> <fw_log_drop_crit>yes</fw_log_drop_crit> <fw_masq_nets></fw_masq_nets> <fw_masquerade>no</fw_masquerade> <fw_protect_from_internal>yes</fw_protect_from_internal> <fw_route>no</fw_route> <fw_services_ext_tcp>ssh</fw_services_ext_tcp> <start_firewall config:type="boolean">true</start_firewall> </firewall> The yast postinstall script which runs says "Setting up firewall", and there is various output in y2log which includes: 2003-12-08 12:38:45 <1> magenta-4(2667) [YCP] clients/autoinst_configure.ycp:105 Writing configuration for firewall However, /etc/sysconfig/SuSEfirewall2 doesn't appear to get updated: -rw-r--r-- 1 root root 26770 Dec 8 12:35 SuSEfirewall2 and iptables doesn't acquire any rules. Does autoyast support SuSEfirewall yet? It is conspicuous by its absence in the documentation provided at: http://www.suse.de/~nashif/autoinstall/9.0/html/index.html Thanks in advance for any answers. -- David Carter Email: David.Carter@ucs.cam.ac.uk University Computing Service, Phone: (01223) 334502 New Museums Site, Pembroke Street, Fax: (01223) 334679 Cambridge UK. CB2 3QH.