Hallo Liste, ich benutze meine Linux Rechnner u.A. als Gateway zum Internet und möchte das SuSEfirewall-Skript benutzen. Aber nach dem Einrichten des Skripts, funktioniert 1. das AutoDial und 2. das Masquerading nicht mehr. Hat hier jemand 'nen Tipp, was ich falsch konfiguriert habe? Viele Dank für Eure Mühe. Grüße Thom Und die sind die (fast kommentarlosen) Einträge aus /etc/rc.config.d/firewall.rc.config FW_DEV_WORLD="ippp0" #FW_DEV_WORLD_ippp0="192.168.2.99 255.255.255.255" # e.g. for exernal interface ippp0 FW_DEV_INT="eth0" FW_DEV_INT_eth0="192.168.0.4 255.255.255.0" # e.g. for internal interface eth0 FW_DEV_DMZ="" #FW_DEV_DMZ_eth1="192.168.1.1 255.255.255.0" # e.g. for dmz interface eth1 FW_ROUTE="yes" FW_MASQUERADE="YES" FW_MASQ_NETS="192.168.0.0/24" FW_MASQ_DEV="$FW_DEV_WORLD" # e.g. "ippp0" or "$FW_DEV_WORLD" FW_PROTECT_FROM_INTERNAL="no" FW_AUTOPROTECT_GLOBAL_SERVICES="yes" # "yes" is a good choice FW_SERVICES_EXTERNAL_TCP="smtp domain" # Common: smtp domain FW_SERVICES_EXTERNAL_UDP="domain" # Common: domain FW_SERVICES_DMZ_TCP="smtp domain" # Common: smtp domain FW_SERVICES_DMZ_UDP="domain syslog" # Common: domain syslog FW_SERVICES_INTERNAL_TCP="ssh smtp domain www 3128" # Common: ssh smtp domain FW_SERVICES_INTERNAL_UDP="domain" # Common: domain FW_TRUSTED_NETS="" FW_SERVICES_TRUSTED_TCP="" # Common: ssh FW_SERVICES_TRUSTED_UDP="" # Common: syslog time ntp FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes" # Common: "ftp-data" (sadly!) FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes" # Common: "dns" FW_SERVICE_DNS="no" # if yes, FW_SERVICES_*_TCP needs to have port 53 FW_SERVICE_DHCLIENT="no" # if you use dhclient to get an ip address FW_SERVICE_DHCPD="no" # set to "yes" if this server is a DHCP server FW_SERVICE_SAMBA="no" # set to "yes" if this server uses samba as client FW_FORWARD_TCP="" FW_FORWARD_UDP="" FW_FORWARD_MASQ_TCP="" FW_FORWARD_MASQ_UDP="" FW_REDIRECT_TCP="" FW_REDIRECT_UDP="" FW_LOG_DENY_CRIT="yes" FW_LOG_DENY_ALL="no" FW_LOG_ACCEPT_CRIT="yes" FW_LOG_ACCEPT_ALL="no" FW_KERNEL_SECURITY="yes" FW_STOP_KEEP_ROUTING_STATE="yes" FW_ALLOW_PING_FW="yes" FW_ALLOW_PING_DMZ="no" FW_ALLOW_FW_TRACEROUTE="no" FW_ALLOW_FW_SOURCEQUENCH="yes" FW_MASQ_MODULES="autofw cuseeme ftp irc mfw portfw quake raudio user vdolive" -- ------------------------------------------------------------------- bye bye (c) by Thom | Thorsten Marquardt | EMail: THOM@kaupp.chemie.uni-oldenburg.de | Member of the pzt project. | http://kaupp.chemie.uni-oldenburg.de/pzt -------------------------------------------------------------------