* M. Neubert;
One thing with FW_SECURITY is if you enable it once AFAIK you can only bring to the initial stage by rebooting. That can be the cause.
Your "AFAIK" is correct but my AFAIK is, that only one kernel param can be a possible problem. This is ip_local_port_range="1024 29999". I don't know exactly which effects he has. The tcp/udp ports are in this range. Does the kernel only for this portrange forwarding/masquerading or will he not use this ports for forwarding/masq because they are reserved for local use? I think more/less that this parameter doesn't play any role.
http://ipsysctl-tutorial.frozentux.net/chunkyhtml/index.html could be help
The Thread possibly becomes OT. Does somebody a good preferably SuSE referential place for this topic, or should we stay here, because it's somehow(SuSEfirewall) security related.
My call would be keep it here as it is related to SuSEfirewall2 which is a security package Sorry VMware and SuSEfirewall2 I haven't played but looks like I want to play :-) -- Togan Muftuoglu