Thank you that helped but I have one more question It did not solve my real prolblem of masking and droping the packets before they get out of ipsec0 do these statements look right? Thank you FW_FORWARD_MASQ=192.168.10.0/24 192.168.10.0/24 FW_MASQ_NETS="192.168.10.0/24"
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi !
Error: the fourth parameter is for use with tcp, udp and icmp only in FW_FORWARD -> 192.168.10.0/24,192.168.0.0/16,192.168.0.0/24,192.168.10.0/16
- --> This is from /etc/sysconfig/SuSEfirewall You should separate the different IP ranges by spaces, not by comma. This is the correct syntax:
192.168.10.0/24 192.168.0.0/16 192.168.1.0/8,tcp,ssh
HTH, Armin
- -- Am Hasenberg 26 office: Institut für Atmosphärenphysik D-18209 Bad Doberan Schloss-Straße 6 Tel. ++49-(0)38203/42137 D-18225 Kühlungsborn / GERMANY Email: schoech@iap-kborn.de Tel. +49-(0)38293-68-102 WWW: http://armins.cjb.net/ Fax. +49-(0)38293-68-50 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQE+xMecG8Xv4GxznLoRAvBJAJ0fvxsBZA3lFjdx9kB7/2WK9AZFsACeJwjt 0lgYOdt7su6CVD5q71vYNRM= =t0Lh -----END PGP SIGNATURE-----
-- Absolute Internet Services (http://www.aiserve.net)