6 Sep
2001
6 Sep
'01
16:01
again: try using "SuSEfirewall2 status | grep DROP-DEFAULT" to figure out which rule does it. use "iptables -Z <chain>" to zero package count for every chain. Once you got the rule you can look which part of SuSEfirewall2 set it. good luck! Anthony Hogbin schrieb:
Alas - machines in DMZ are not getting out at all, despite their ability to resolve IP's using the firewall..... FW_FORWARD="$DMZ_MACHINE,0/0" does not seem to be letting it out?! Packets are being dropped with SuSE-FE-DROP-DEFAULTIN :(
They can be seen by machines in the 192 LAN which is a bonus - but just not get out themselves - I am sure I am missing the point somewhere?