Mailinglist Archive: opensuse-de (5757 mails)
| < Previous | Next > |
Re: 8.1: Rechner bleibt bei Phase 2 v. 3 der Firewall haengen.
- From: Al Bogner <suse-linux@xxxxxxxxxxxxxx>
- Date: Wed, 16 Oct 2002 00:55:27 +0200
- Message-id: <200210160047.36274.suse-linux@xxxxxxxxxxxxxx>
On Mittwoch, 16. Oktober 2002 00:10 Wolfgang Kueter wrote:
> Am Die, 2002-10-15 um 20.21 schrieb Al Bogner:
> > Mit und ohne Update von 8.1 bleibt der Rechner beim Hochfahren
> > bei Phase 2 v. 3 der Firewall hängen. Installiert wurde ein
> > "minimales grafisches System" ohne Maus. Hardware: Cel. 466,
> > 160MB RAM, S3-Graka, Asus P2B-S Mobo.
Ich ergänze, auch bei Abschluß der FW-Konfiguration unter yast
passiert es meistens, dass es bei 66% hängen bleibt. Schön langsam
vermute ich einen Hardware-Fehler der ISDN-Karte. Einmal sah ich
kurz eine Meldung, die so ungefähr besagte, dass ippp0 nicht
gefunden wurde und deswegen die Konfiguration der FW nicht
abgeschlossen werden konnte. hwinfo erkennt die Karte aber.
> Wozu dient die Mschine denn?
FW, Masquerading, Router, Notsystem. Ich bin schon fast soweit, dass
ich mal http://www.fli4l.de/ ausprobiere.
Auf diesem Rechner schaffe ich es unter 8.0 gar nicht mehr eine
Internetverbindung zustande zu bringen, aber unter 8.1. ISDN-Karte
(Fritz PCI) war immer die gleiche. Also doch wieder kein
Hardwareproblem, sondern ein Konfigurationsproblem? Ich verstehe
nur nicht, warum es am anderen Rechner unter 8.0 ein Kinderspiel
war den Internetzugang zu konfigurieren und ich bei diesem Rechner
unter 8.0 scheitere, aber es mit 8,1 geht. Egal, bleiben wir mal
bei 8.1 und dem FW-Problem.
> In der Runlevelkonfiguration von Yast kannst Du einstellen, ob
> das Firewallgeraffel gestartet werden soll. Schalte es ab, Du
> brauchst es wahrscheinlich sowieso nicht. Falls doch, begründe
> bitte wozu Du es Deiner Meinung nach brauchst.
Das dachte ich mir auch und habe o.a. Vorschlag bereits umgesetzt.
Eben sah ich noch mals nach und irgendwas, vermutlich
yast-Firewall, hat es wieder aktiv gesetzt. Im Augenblick muß ich
aber sehr vorsichtig sein, um mir nicht die Internetverbindung
kaputt zu machen. Ich probier jetzt also nichts aus und warte
vorher die Antwort ab.
> > Ein ping bzw. ssh von einem anderen Rechner funktioniert nicht.
Manchmal geht es doch. Das sind immer die besten Bemerkungen, sorry
es ist so :-) Das ssh-Problem unter 8.1 kommt da auch noch
erschwerend hinzu.
> Was sagt denn iptables -nL
Siehe PS.
Albert
PS:
# iptables -nL
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 127.0.0.0/8 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING '
LOG all -- 0.0.0.0/0 127.0.0.0/8 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP all -- 127.0.0.0/8 0.0.0.0/0
DROP all -- 0.0.0.0/0 127.0.0.0/8
LOG all -- 192.168.1.99 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP all -- 192.168.1.99 0.0.0.0/0
LOG all -- 62.46.155.103 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP all -- 62.46.155.103 0.0.0.0/0
input_ext all -- 0.0.0.0/0 62.46.155.103
input_int all -- 0.0.0.0/0 192.168.1.99
DROP all -- 0.0.0.0/0 192.168.1.255
DROP all -- 0.0.0.0/0 255.255.255.255
LOG all -- 0.0.0.0/0 62.46.155.103 LOG
flags 6 level 4 prefix `SuSE-FW-ACCESS_DENIED_INT '
DROP all -- 0.0.0.0/0 62.46.155.103
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-ILLEGAL-TARGET '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP)
target prot opt source destination
TCPMSS tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x06/0x02 TCPMSS clamp to PMTU
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
forward_ext all -- 0.0.0.0/0 0.0.0.0/0
forward_int all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-ILLEGAL-ROUTING '
DROP all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-FORWARD-ERROR '
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 11 LOG flags 6 level 4 prefix `SuSE-FW-TRACEROUTE-ATTEMPT '
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 3 code 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 3 code 4
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 3 code 9
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 3 code 10
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 3 code 13
DROP icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 3
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-OUTPUT-ERROR '
Chain forward_dmz (0 references)
target prot opt source destination
LOG all -- 62.46.155.103 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 62.46.155.103 0.0.0.0/0
LOG all -- 192.168.1.0/24 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 192.168.1.0/24 0.0.0.0/0
LOG all -- 0.0.0.0/0 192.168.1.99 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-CIRCUMVENTION '
DROP all -- 0.0.0.0/0 192.168.1.99
LOG all -- 0.0.0.0/0 62.46.155.103 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-CIRCUMVENTION '
DROP all -- 0.0.0.0/0 62.46.155.103
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state
INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain forward_ext (1 references)
target prot opt source destination
LOG all -- 192.168.1.0/24 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 192.168.1.0/24 0.0.0.0/0
LOG all -- 0.0.0.0/0 192.168.1.99 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-CIRCUMVENTION '
DROP all -- 0.0.0.0/0 192.168.1.99
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state
INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain forward_int (1 references)
target prot opt source destination
LOG all -- 62.46.155.103 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 62.46.155.103 0.0.0.0/0
LOG all -- 0.0.0.0/0 62.46.155.103 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-CIRCUMVENTION '
DROP all -- 0.0.0.0/0 62.46.155.103
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state
INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain input_dmz (0 references)
target prot opt source destination
LOG all -- 62.46.155.103 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 62.46.155.103 0.0.0.0/0
LOG all -- 192.168.1.0/24 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 192.168.1.0/24 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 12
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 14
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 18
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 2 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
reject_func tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:113 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:22 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:22 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:111 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:111 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpts:1024:65535 flags:0x16/0x02 LOG flags 6 level 4 prefix
`SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED tcp dpts:1024:65535
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
ESTABLISHED tcp dpts:600:65535 flags:!0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
ESTABLISHED tcp dpt:20 flags:!0x16/0x02
ACCEPT udp -- 195.3.96.67 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 195.3.96.68 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpt:22
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpt:111
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED udp dpts:1024:65535
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state
INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain input_ext (1 references)
target prot opt source destination
LOG all -- 192.168.1.0/24 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 192.168.1.0/24 0.0.0.0/0
LOG icmp -- 62.46.155.103 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT-SOURCEQUENCH '
ACCEPT icmp -- 62.46.155.103 0.0.0.0/0 icmp
type 4
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 12
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 14
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 18
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 2 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:22 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED tcp dpt:22
reject_func tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:113 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:22 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:22 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:111 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:111 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpts:1024:65535 flags:0x16/0x02 LOG flags 6 level 4 prefix
`SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED tcp dpts:1024:65535
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
ESTABLISHED tcp dpts:600:65535 flags:!0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
ESTABLISHED tcp dpt:20 flags:!0x16/0x02
ACCEPT udp -- 195.3.96.67 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 195.3.96.68 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpt:22
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpt:111
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED udp dpts:1024:65535
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state
ESTABLISHED udp dpts:61000:65095
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state
INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain input_int (1 references)
target prot opt source destination
LOG all -- 62.46.155.103 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 62.46.155.103 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 12
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 14
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 18
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 2 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
reject_func tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:113 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpts:1024:65535 flags:0x16/0x02 LOG flags 6 level 4 prefix
`SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED tcp dpts:1024:65535
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
ESTABLISHED tcp dpts:600:65535 flags:!0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
ESTABLISHED tcp dpt:20 flags:!0x16/0x02
ACCEPT udp -- 195.3.96.67 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 195.3.96.68 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED udp dpts:1024:65535
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state
INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain reject_func (3 references)
target prot opt source destination
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0
reject-with tcp-reset
REJECT udp -- 0.0.0.0/0 0.0.0.0/0
reject-with icmp-port-unreachable
REJECT all -- 0.0.0.0/0 0.0.0.0/0
reject-with icmp-proto-unreachable
> Am Die, 2002-10-15 um 20.21 schrieb Al Bogner:
> > Mit und ohne Update von 8.1 bleibt der Rechner beim Hochfahren
> > bei Phase 2 v. 3 der Firewall hängen. Installiert wurde ein
> > "minimales grafisches System" ohne Maus. Hardware: Cel. 466,
> > 160MB RAM, S3-Graka, Asus P2B-S Mobo.
Ich ergänze, auch bei Abschluß der FW-Konfiguration unter yast
passiert es meistens, dass es bei 66% hängen bleibt. Schön langsam
vermute ich einen Hardware-Fehler der ISDN-Karte. Einmal sah ich
kurz eine Meldung, die so ungefähr besagte, dass ippp0 nicht
gefunden wurde und deswegen die Konfiguration der FW nicht
abgeschlossen werden konnte. hwinfo erkennt die Karte aber.
> Wozu dient die Mschine denn?
FW, Masquerading, Router, Notsystem. Ich bin schon fast soweit, dass
ich mal http://www.fli4l.de/ ausprobiere.
Auf diesem Rechner schaffe ich es unter 8.0 gar nicht mehr eine
Internetverbindung zustande zu bringen, aber unter 8.1. ISDN-Karte
(Fritz PCI) war immer die gleiche. Also doch wieder kein
Hardwareproblem, sondern ein Konfigurationsproblem? Ich verstehe
nur nicht, warum es am anderen Rechner unter 8.0 ein Kinderspiel
war den Internetzugang zu konfigurieren und ich bei diesem Rechner
unter 8.0 scheitere, aber es mit 8,1 geht. Egal, bleiben wir mal
bei 8.1 und dem FW-Problem.
> In der Runlevelkonfiguration von Yast kannst Du einstellen, ob
> das Firewallgeraffel gestartet werden soll. Schalte es ab, Du
> brauchst es wahrscheinlich sowieso nicht. Falls doch, begründe
> bitte wozu Du es Deiner Meinung nach brauchst.
Das dachte ich mir auch und habe o.a. Vorschlag bereits umgesetzt.
Eben sah ich noch mals nach und irgendwas, vermutlich
yast-Firewall, hat es wieder aktiv gesetzt. Im Augenblick muß ich
aber sehr vorsichtig sein, um mir nicht die Internetverbindung
kaputt zu machen. Ich probier jetzt also nichts aus und warte
vorher die Antwort ab.
> > Ein ping bzw. ssh von einem anderen Rechner funktioniert nicht.
Manchmal geht es doch. Das sind immer die besten Bemerkungen, sorry
es ist so :-) Das ssh-Problem unter 8.1 kommt da auch noch
erschwerend hinzu.
> Was sagt denn iptables -nL
Siehe PS.
Albert
PS:
# iptables -nL
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 127.0.0.0/8 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING '
LOG all -- 0.0.0.0/0 127.0.0.0/8 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP all -- 127.0.0.0/8 0.0.0.0/0
DROP all -- 0.0.0.0/0 127.0.0.0/8
LOG all -- 192.168.1.99 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP all -- 192.168.1.99 0.0.0.0/0
LOG all -- 62.46.155.103 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP all -- 62.46.155.103 0.0.0.0/0
input_ext all -- 0.0.0.0/0 62.46.155.103
input_int all -- 0.0.0.0/0 192.168.1.99
DROP all -- 0.0.0.0/0 192.168.1.255
DROP all -- 0.0.0.0/0 255.255.255.255
LOG all -- 0.0.0.0/0 62.46.155.103 LOG
flags 6 level 4 prefix `SuSE-FW-ACCESS_DENIED_INT '
DROP all -- 0.0.0.0/0 62.46.155.103
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-ILLEGAL-TARGET '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP)
target prot opt source destination
TCPMSS tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x06/0x02 TCPMSS clamp to PMTU
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
forward_ext all -- 0.0.0.0/0 0.0.0.0/0
forward_int all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-ILLEGAL-ROUTING '
DROP all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-FORWARD-ERROR '
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 11 LOG flags 6 level 4 prefix `SuSE-FW-TRACEROUTE-ATTEMPT '
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 3 code 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 3 code 4
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 3 code 9
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 3 code 10
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 3 code 13
DROP icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 3
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-OUTPUT-ERROR '
Chain forward_dmz (0 references)
target prot opt source destination
LOG all -- 62.46.155.103 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 62.46.155.103 0.0.0.0/0
LOG all -- 192.168.1.0/24 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 192.168.1.0/24 0.0.0.0/0
LOG all -- 0.0.0.0/0 192.168.1.99 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-CIRCUMVENTION '
DROP all -- 0.0.0.0/0 192.168.1.99
LOG all -- 0.0.0.0/0 62.46.155.103 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-CIRCUMVENTION '
DROP all -- 0.0.0.0/0 62.46.155.103
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state
INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain forward_ext (1 references)
target prot opt source destination
LOG all -- 192.168.1.0/24 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 192.168.1.0/24 0.0.0.0/0
LOG all -- 0.0.0.0/0 192.168.1.99 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-CIRCUMVENTION '
DROP all -- 0.0.0.0/0 192.168.1.99
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state
INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain forward_int (1 references)
target prot opt source destination
LOG all -- 62.46.155.103 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 62.46.155.103 0.0.0.0/0
LOG all -- 0.0.0.0/0 62.46.155.103 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-CIRCUMVENTION '
DROP all -- 0.0.0.0/0 62.46.155.103
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state
INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain input_dmz (0 references)
target prot opt source destination
LOG all -- 62.46.155.103 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 62.46.155.103 0.0.0.0/0
LOG all -- 192.168.1.0/24 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 192.168.1.0/24 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 12
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 14
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 18
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 2 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
reject_func tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:113 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:22 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:22 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:111 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:111 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpts:1024:65535 flags:0x16/0x02 LOG flags 6 level 4 prefix
`SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED tcp dpts:1024:65535
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
ESTABLISHED tcp dpts:600:65535 flags:!0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
ESTABLISHED tcp dpt:20 flags:!0x16/0x02
ACCEPT udp -- 195.3.96.67 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 195.3.96.68 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpt:22
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpt:111
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED udp dpts:1024:65535
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state
INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain input_ext (1 references)
target prot opt source destination
LOG all -- 192.168.1.0/24 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 192.168.1.0/24 0.0.0.0/0
LOG icmp -- 62.46.155.103 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT-SOURCEQUENCH '
ACCEPT icmp -- 62.46.155.103 0.0.0.0/0 icmp
type 4
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 12
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 14
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 18
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 2 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:22 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED tcp dpt:22
reject_func tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:113 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:22 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:22 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:111 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:111 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpts:1024:65535 flags:0x16/0x02 LOG flags 6 level 4 prefix
`SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED tcp dpts:1024:65535
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
ESTABLISHED tcp dpts:600:65535 flags:!0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
ESTABLISHED tcp dpt:20 flags:!0x16/0x02
ACCEPT udp -- 195.3.96.67 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 195.3.96.68 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpt:22
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpt:111
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED udp dpts:1024:65535
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state
ESTABLISHED udp dpts:61000:65095
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state
INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain input_int (1 references)
target prot opt source destination
LOG all -- 62.46.155.103 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 62.46.155.103 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 12
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 14
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED icmp type 18
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 2 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
reject_func tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:113 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpts:1024:65535 flags:0x16/0x02 LOG flags 6 level 4 prefix
`SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED tcp dpts:1024:65535
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
ESTABLISHED tcp dpts:600:65535 flags:!0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
ESTABLISHED tcp dpt:20 flags:!0x16/0x02
ACCEPT udp -- 195.3.96.67 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 195.3.96.68 0.0.0.0/0 state
NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED udp dpts:1024:65535
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp
type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG
flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state
INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain reject_func (3 references)
target prot opt source destination
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0
reject-with tcp-reset
REJECT udp -- 0.0.0.0/0 0.0.0.0/0
reject-with icmp-port-unreachable
REJECT all -- 0.0.0.0/0 0.0.0.0/0
reject-with icmp-proto-unreachable
| < Previous | Next > |