Mailinglist Archive: opensuse-security (605 mails)

Iptables-firewall
hi!

Please help me!
I am already in despair.


3 days ago I wrote an email to you. Thanks for your help! Everything
worked fine, except NFS.

I opened the ports 2049 and 111 completely, but I still get this error
message:
mount: RPC: Wartezeit abgelaufen ("waiting time expired")

I tried to log everything blocked by the firewall, but it didn't work. I
can't find the iptables log file, nor anything in /var/log/messages. These
things I've already tried:

1)
iptables -N no-conns-from-eth0
iptables -A no-conns-from-eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A no-conns-from-eth0 -m state --state NEW -i ! eth0 -j ACCEPT
iptables -A no-conns-from-eth0 -i $DEV_EXT -m limit -j LOG --log-prefix "Bad packet from eth0:"
iptables -A no-conns-from-eth0 -i ! $DEV_EXT -m limit -j LOG --log-prefix "Bad packet not from eth0:"
iptables -A no-conns-from-eth0 -j DROP
iptables -A INPUT -j no-conns-from-eth0
iptables -A FORWARD -j no-conns-from-eth0

2)
iptables -N my_drop
iptables -A my_drop -p ICMP -j LOG --log-prefix "DROP-ICMP "
iptables -A my_drop -p UDP -j LOG --log-prefix "DROP-UDP "
iptables -A my_drop -p TCP -j LOG --log-prefix "DROP-TCP "
iptables -A my_drop -j DROP

3)
iptables -A INPUT -i $DEV_EXT -f -j LOG --log-prefix "IPTABLES FRAGMENTS:"
iptables -A INPUT -i $DEV_EXT -f -j DROP

4)
iptables -N logdrop
iptables -A logdrop -j LOG
iptables -A logdrop -j DROP
iptables -j logdrop

Can anybody tell me where I can find the log files? Answers in German would
be very helpful, but many thanks to all!!!

Rüdiger H
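
The following is an added example, not part of the original post: iptables' LOG target writes to the kernel log, so this Python sketch filters syslog-style lines for the log prefixes used in the rules above and counts hits per protocol and destination port. The sample lines, the host name `fw` and the addresses are constructed, and the `kernel:` tag is an assumption about the local syslog format.

```python
import re
from collections import Counter

# Log prefixes taken from the --log-prefix options in the post above.
PREFIXES = ("Bad packet from eth0:", "Bad packet not from eth0:",
            "DROP-ICMP ", "DROP-UDP ", "DROP-TCP ", "IPTABLES FRAGMENTS:")

# KEY=value fields the LOG target writes after the prefix (IN=, SRC=, DPT=, ...).
FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")
# Optional kernel uptime stamp such as "[ 1234.567890] " before the message.
UPTIME_RE = re.compile(r"^\[\s*\d+\.\d+\]\s*")

# Constructed sample input: two dropped UDP packets, one TCP SYN, two unrelated lines.
SAMPLE = """\
Jan 12 10:15:01 fw kernel: DROP-UDP IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 LEN=84 TTL=64 ID=0 DF PROTO=UDP SPT=799 DPT=32771 LEN=64
Jan 12 10:15:04 fw kernel: DROP-UDP IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 LEN=84 TTL=64 ID=0 DF PROTO=UDP SPT=799 DPT=32771 LEN=64
Jan 12 10:15:09 fw kernel: Bad packet from eth0:IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 LEN=60 TTL=64 ID=4711 DF PROTO=TCP SPT=1022 DPT=2049 WINDOW=5840 SYN URGP=0
Jan 12 10:15:10 fw kernel: eth0: link up
Jan 12 10:15:11 fw sshd[812]: Accepted publickey for admin
"""

def parse_line(line):
    """Return (prefix, fields) for an iptables LOG line, or None for any other line."""
    _, sep, msg = line.partition(" kernel: ")
    if not sep:
        return None
    msg = UPTIME_RE.sub("", msg)
    for prefix in PREFIXES:
        # A prefix without a trailing space runs straight into "IN=", so match by startswith.
        if msg.startswith(prefix):
            return prefix.strip(), dict(FIELD_RE.findall(msg[len(prefix):]))
    return None

def summarize(text):
    """Count logged packets per (prefix, protocol, destination port)."""
    counts = Counter()
    for line in text.splitlines():
        parsed = parse_line(line)
        if parsed:
            prefix, fields = parsed
            counts[(prefix, fields.get("PROTO", "?"), fields.get("DPT", "-"))] += 1
    return counts

if __name__ == "__main__":
    for (prefix, proto, dport), n in summarize(SAMPLE).most_common():
        print(f"{n:3d}  {prefix:<26} {proto:<5} dport={dport}")
```

To use it on real data, pass the text of the kernel log (for example the output of `dmesg` or the file the local syslog daemon writes kernel messages to) to `summarize()` instead of `SAMPLE`.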
