Hi, so, nun habe ja gestern die default-Einstellungen der FW2 geändert, aber das Resultat hat sich nicht verändert. Hat dazu niemand eine Idee, was dann da falsch läuft? Laut YOU sind die updates engespielt. # /etc/sysconfig/SuSEfirewall2 # # for use with /sbin/SuSEfirewall2 version 3.1 which is for 2.4 kernels! ... #FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom" FW_CUSTOMRULES="" ... # 26.) # Do you want to REJECT packets instead of DROPing? # # DROPing (which is the default) will make portscans and attacks much # slower, as no replies to the packets will be sent. REJECTing means, that # for every illegal packet, a connection reject packet is sent to the # sender. # # Choice: "yes" or "no", if not set defaults to "no" # # FW_REJECT="no" FW_REJECT="yes" Ein Beenden & Neustarten der FW2 erbrachte keine Änderung, und nach einem Neustart des Systems erscheint folgendes in den Logdateien (nun aktuelle Daten): Sep 21 08:26:21 warblade kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC= SRC=84.128.192.25 DST=84.133.121.214 LEN=48 TOS=0x00 PREC=0x00 TTL=123 ID=3777 DF PROTO=TCP SPT=2891 DPT=5000 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405AC01010402) Sep 21 08:26:22 warblade kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC= SRC=84.128.192.25 DST=84.133.121.214 LEN=48 TOS=0x00 PREC=0x00 TTL=123 ID=3801 DF PROTO=TCP SPT=2891 DPT=5000 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405AC01010402) Sep 21 08:26:22 warblade kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC= SRC=219.137.73.227 DST=84.133.121.214 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=37039 DF PROTO=TCP SPT=4066 DPT=9898 WINDOW=64800 RES=0x00 SYN URGP=0 OPT (020405A001010402) Sep 21 08:26:22 warblade kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC= SRC=84.128.192.25 DST=84.133.121.214 LEN=48 TOS=0x00 PREC=0x00 TTL=123 ID=3820 DF PROTO=TCP SPT=2891 DPT=5000 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405AC01010402) Sep 21 08:26:23 warblade kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC= SRC=62.143.56.215 DST=84.133.121.214 LEN=48 TOS=0x08 PREC=0x00 TTL=118 ID=1933 DF PROTO=TCP SPT=3055 DPT=5000 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402) Sep 21 08:26:23 warblade kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC= SRC=62.143.56.215 DST=84.133.121.214 LEN=48 TOS=0x08 PREC=0x00 TTL=119 ID=1962 DF PROTO=TCP SPT=3055 DPT=5000 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402) Sep 21 08:26:24 warblade kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC= SRC=62.143.56.215 DST=84.133.121.214 LEN=48 TOS=0x08 PREC=0x00 TTL=119 ID=1982 DF PROTO=TCP SPT=3055 DPT=5000 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402) Sep 21 08:26:30 warblade kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC= SRC=84.133.126.203 DST=84.133.121.214 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=17799 DF PROTO=TCP SPT=3440 DPT=445 WINDOW=32767 RES=0x00 SYN URGP=0 OPT (020405AC0103030001010402) Sep 21 08:26:31 warblade kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC= SRC=84.133.126.203 DST=84.133.121.214 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=17822 DF PROTO=TCP SPT=3440 DPT=445 WINDOW=32767 RES=0x00 SYN URGP=0 OPT (020405AC0103030001010402) Sep 21 08:26:32 warblade kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC= SRC=84.133.126.203 DST=84.133.121.214 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=17857 DF PROTO=TCP SPT=3440 DPT=445 WINDOW=32767 RES=0x00 SYN URGP=0 OPT (020405AC0103030001010402) Sep 21 08:26:34 warblade kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC= SRC=217.42.57.234 DST=84.133.121.214 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=21644 DF PROTO=TCP SPT=3085 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405AC01010402) Sep 21 08:26:35 warblade kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC= SRC=217.42.57.234 DST=84.133.121.214 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=22097 DF PROTO=TCP SPT=3085 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405AC01010402) Sep 21 08:26:36 warblade kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC= SRC=217.42.57.234 DST=84.133.121.214 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=22504 DF PROTO=TCP SPT=3085 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405AC01010402) Sep 21 08:26:52 warblade kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC= SRC=84.133.23.210 DST=84.133.121.214 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=31183 DF PROTO=TCP SPT=3718 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0 OPT (020405A001010402) Sep 21 08:26:55 warblade kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC= SRC=84.133.23.210 DST=84.133.121.214 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=31415 DF PROTO=TCP SPT=3718 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0 OPT (020405A001010402) Andere Änderungen, bspw. der erreichbaren Ports, werden umgesetzt - offenbar aber nicht das DROPen . Gruß Torsten