Thanks Engelbert, which miracel with the option "test" it works.. Now I have some more lines in var/lop/messages but I can't get some helpfull info from it. Is there an other place were I need to look or is the attach info more readable for the experts? Thanks a lot Michael Jan 11 18:44:42 tamboti SuSEfirewall2: Firewall set in TEST mode. Jan 11 18:44:42 tamboti modprobe: modprobe: Can't locate module ippp1 Jan 11 18:44:43 tamboti kernel: ip_tables: (C) 2000-2002 Netfilter core team Jan 11 18:44:43 tamboti kernel: ip_conntrack version 2.1 (4095 buckets, 32760 max) - 304 bytes per conntrack Jan 11 18:44:44 tamboti SuSEfirewall2: Firewall rules successfully set from /etc/sysconfig/SuSEfirewall2 Jan 11 18:44:53 tamboti ipppd[3232]: Found 1 device: Jan 11 18:44:53 tamboti ipppd[3233]: ipppd i2.2.12 (isdn4linux version of pppd by MH) started Jan 11 18:44:53 tamboti ipppd[3233]: init_unit: 0 Jan 11 18:44:53 tamboti kernel: ippp, open, slot: 1, minor: 1, state: 0 000 Jan 11 18:44:53 tamboti kernel: ippp_ccp: allocated reset data structur e c7e91800 Jan 11 18:44:53 tamboti ipppd[3233]: Connect[0]: /dev/ippp1, fd: 14 Jan 11 18:44:53 tamboti kernel: ippp1: dialing 1 019103000... Jan 11 18:44:53 tamboti isdnlog: Jan 11 18:44:53 * tei 83 calling vr-we b with ? RING (Data) Jan 11 18:44:55 tamboti isdnlog: Jan 11 18:44:55 tei 83 calling vr-web with ? Time:Sun Jan 11 18:44:00 2004 Jan 11 18:44:55 tamboti isdnlog: Jan 11 18:44:55 tei 83 calling vr-web with ? CONNECT (Data) Jan 11 18:44:55 tamboti isdnlog: Jan 11 18:44:55 tei 83 calling vr-web with ? INTERFACE ippp1 calling 019103000 Jan 11 18:44:55 tamboti isdnlog: Jan 11 18:44:55 tei 83 calling vr-web with ? No area info for provider 33_0 (13), destination 019103000 Jan 11 18:44:55 tamboti kernel: isdn_net: ippp1 connected Jan 11 18:44:55 tamboti ipppd[3233]: Local number: 0, Remote number: 01 9103000, Type: outgoing Jan 11 18:44:55 tamboti ipppd[3233]: PHASE_WAIT -> PHASE_ESTABLISHED, i funit: 1, linkunit: 0, fd: 14 Jan 11 18:44:55 tamboti ipppd[3233]: ioctl(SIOCSIFMTU): Invalid argumen t, 10 ippp1 1524. Jan 11 18:44:55 tamboti ipppd[3233]: Remote message: Jan 11 18:44:55 tamboti ipppd[3233]: MPPP negotiation, He: No We: No Jan 11 18:44:55 tamboti ipppd[3233]: CCP enabled! Trying CCP. Jan 11 18:44:55 tamboti ipppd[3233]: CCP: got ccp-unit 0 for link 0 (Co mpression Control Protocol) Jan 11 18:44:55 tamboti ipppd[3233]: ccp_resetci! Jan 11 18:44:55 tamboti kernel: Received CCP frame from peer slot(1) Jan 11 18:44:55 tamboti kernel: [1/1].ccp-rcv[0]: 01 01 00 09 11 05 00 01 04 Jan 11 18:44:55 tamboti ipppd[3233]: ccp_resetci! Jan 11 18:44:55 tamboti kernel: Received CCP frame from daemon: Jan 11 18:44:55 tamboti kernel: [1/1].ccp-xmit[0]: ff 03 80 fd 01 01 00 04 Jan 11 18:44:55 tamboti kernel: Received CCP frame from daemon: Jan 11 18:44:55 tamboti kernel: [1/1].ccp-xmit[0]: ff 03 80 fd 04 01 00 09 11 05 00 01 04 Jan 11 18:44:55 tamboti kernel: Received CCP frame from peer slot(1) Jan 11 18:44:55 tamboti kernel: [1/1].ccp-rcv[0]: 04 01 00 04 Jan 11 18:44:55 tamboti kernel: Received CCP frame from peer slot(1) Jan 11 18:44:55 tamboti kernel: [1/1].ccp-rcv[0]: 01 02 00 0a 11 06 00 01 01 03 Jan 11 18:44:55 tamboti ipppd[3233]: ccp_resetci! Jan 11 18:44:55 tamboti kernel: Received CCP frame from daemon: Jan 11 18:44:55 tamboti kernel: [1/1].ccp-xmit[0]: ff 03 80 fd 01 02 00 04 Jan 11 18:44:55 tamboti kernel: Received CCP frame from daemon: Jan 11 18:44:55 tamboti kernel: [1/1].ccp-xmit[0]: ff 03 80 fd 04 02 00 0a 11 06 00 01 01 03 Jan 11 18:44:55 tamboti ipppd[3233]: local IP address 62.227.40.199 Jan 11 18:44:55 tamboti ipppd[3233]: remote IP address 212.185.250.217 Jan 11 18:44:55 tamboti kernel: Received CCP frame from peer slot(1) Jan 11 18:44:55 tamboti kernel: [1/1].ccp-rcv[0]: 04 02 00 04 Jan 11 18:44:56 tamboti modify_resolvconf: Service ipppd modified /etc/ resolv.conf. See info block in this file Jan 11 18:44:56 tamboti kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp1 OUT= MA C= SRC=193.158.141.116 DST=62.227.40.199 LEN=73 TOS=0x00 PREC=0x00 TTL= 57 ID=21402 PROTO=UDP SPT=53 DPT=1025 LEN=53 Jan 11 18:44:56 tamboti kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp1 OUT= MA C= SRC=193.158.141.116 DST=62.227.40.199 LEN=113 TOS=0x00 PREC=0x00 TTL =57 ID=20899 PROTO=UDP SPT=53 DPT=1025 LEN=93 Jan 11 18:44:56 tamboti kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp1 OUT= MA C= SRC=192.53.103.103 DST=62.227.40.199 LEN=76 TOS=0x00 PREC=0x00 TTL=5 5 ID=192 PROTO=UDP SPT=123 DPT=123 LEN=56 Jan 11 18:44:56 tamboti kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp1 OUT= MA C= SRC=192.53.103.103 DST=62.227.40.199 LEN=76 TOS=0x00 PREC=0x00 TTL=5 5 ID=207 PROTO=UDP SPT=123 DPT=123 LEN=56 Jan 11 18:44:56 tamboti kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp1 OUT= MA C= SRC=192.53.103.103 DST=62.227.40.199 LEN=76 TOS=0x00 PREC=0x00 TTL=5 engelbert.gruber@ssg.co.at wrote:
On Sun, 11 Jan 2004, Michael Hoeller wrote:
I have update my config but I still can't acces the INet when the firewall is up. No problems without the firwall.
I am really lost and have no idea what else to check -- maybe someone has an idea or sees what I over see??
SusEfirewall2 test does not block anything but logs packes which would get blocked.
-- Encrypted eMail welcome! Get my OpenPGP-Key ID: 0xE9B00731 from: wwwkeys.de.pgp.net