Hi again,
when i ping for example www.suse.de, the firewall makes an entry in /var/log/firewall like this:
... SuSE-FW-DROP-DEFAULTIN=ippp0 .... SRC= [ DNS ]...
I think the firewall blocks the connection to the DNS Server, but why ??? The Connection from the client to the DNS is not blocked !
Thanks
PHJ
Hi Freddy,
thank you. It's right on the client machines i've configured the dns ! But the resolv.conf is configured correct and is modified by the ip-up script. That's not the problem. For example when i don't start the firewall everything works fine on the firewall computer.
Thanks
PHJ
-------------------------------------------------------------------------- -- ------
Hello !
I have a problem with Firewall 2 in Suse:
1. When i start the Firewall 2, other computers in the network can connect to the internet via ip masquerading, but the computer where the firewall runs, has no access to the internet !
Check your "/etc/resolv.conf". If you don't run a DNS-Server with forwarders you have to put the dns from your ISP in the resolv.conf. Do you use isdn to connect to your ISP ? If so , try "MODIFY_RESOLV_CONF_DYNAMICALLY = yes" in the /etc/rc.config and the ms-get-dns in the "/etc/ppp/options". If you use the SuSE "/etc/ppp/ip-up" script , the script tries to get the dns from your ISP and put the dns in to your /etc/resolv.conf". After disconnect, the script restores the resolv.conf. That your clientmachines can connect to the inet , is that you have configured the dns on the clientmachines - i think so?
2. How is it possible to do not start personal-firewall at boot, because
i
think when i use firewall 2, it is not necessary to run
Hi,
what are ports by that logentry ?
SPT= - DPT=
Do you have blocked the HighPorts in the "firewall2.rc.config" ?
Check this entries.
FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes"
FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes"
greetings
freddy
----- Original Message -----
From: "PHJ"
???
remove the "personal-firewall package" or what i did , remove the links unter "/etc/init.d/rc.x.d/".
Thank you for help !
PHJ
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Hope it helps kind regards freddy
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com