Mailinglist Archive: opensuse-security (261 mails)
| < Previous | Next > |
Re: [suse-security] SuSEfirewall2 configuration problem
- From: ka1ifq <ka1ifq@xxxxxxxxxxxxx>
- Date: Sat, 3 Apr 2004 19:30:34 -0500
- Message-id: <200404031930.35099.ka1ifq@xxxxxxxxxxxxx>
On Saturday 03 April 2004 18:28, Robbert Eggermont wrote:
> Hi,
>
> I have some problems with the configuration of the SuSEfirewall2 (3.1)
> on a SuSE 9.0 system. I have read the unofficial SuSEFAQ by Togan
> Muftuoglu, but unfortunately this could not help me to solve the
> problem.
>
> The system is part of a NIS domain with central NFS server. When the
> firewall is off, I have full network functionality (i.e. the system
> boots as a NIS client with nfs mounted home directories).
>
> However, when I enable SuSEfirewall2 for this system (using YaST),
> the firewall (/etc/rc.d/rc5.d/S01SuSEfirewall2_init) blocks
> ("destination unreachable") all {dns, smb, nfs, nis} traffic until
> (S14SuSEfirewall2_setup) *after* the {smbfs, nfs, ypbind} services are
> started...
>
> I'm wondering if the above functionality is by design, and if so, why?
> And, more important, how do I configure the firewall so everything
> works? (I haven't seen any mention of this problem, so I'm wondering
> if I'm just doing something wrong, or noone else is using SuSE 9.0,
> SuSEfirewall2 and {smb, nfs, nis}?)
>
> Thanx in advance,
>
> Robbert Eggermont
I would venture a guess that the Firewall Defaults to a SECURE mode ( block
all ) until it cycles thru each service section and there decides to leave it
off or turn it on. If you want everything on there may be a possibility of
changing the defaults to all on and then turn off the unused services. I do
not use the built in firewall myself but have worked a little with the manual
mode of Iptables for a home firewall.
HTH Mike
--
From my SuSe Linux Desktop
<ka1ifq@xxxxxxxxxxxxx>
Linux, Because rebooting is for new hardware!
> Hi,
>
> I have some problems with the configuration of the SuSEfirewall2 (3.1)
> on a SuSE 9.0 system. I have read the unofficial SuSEFAQ by Togan
> Muftuoglu, but unfortunately this could not help me to solve the
> problem.
>
> The system is part of a NIS domain with central NFS server. When the
> firewall is off, I have full network functionality (i.e. the system
> boots as a NIS client with nfs mounted home directories).
>
> However, when I enable SuSEfirewall2 for this system (using YaST),
> the firewall (/etc/rc.d/rc5.d/S01SuSEfirewall2_init) blocks
> ("destination unreachable") all {dns, smb, nfs, nis} traffic until
> (S14SuSEfirewall2_setup) *after* the {smbfs, nfs, ypbind} services are
> started...
>
> I'm wondering if the above functionality is by design, and if so, why?
> And, more important, how do I configure the firewall so everything
> works? (I haven't seen any mention of this problem, so I'm wondering
> if I'm just doing something wrong, or noone else is using SuSE 9.0,
> SuSEfirewall2 and {smb, nfs, nis}?)
>
> Thanx in advance,
>
> Robbert Eggermont
I would venture a guess that the Firewall Defaults to a SECURE mode ( block
all ) until it cycles thru each service section and there decides to leave it
off or turn it on. If you want everything on there may be a possibility of
changing the defaults to all on and then turn off the unused services. I do
not use the built in firewall myself but have worked a little with the manual
mode of Iptables for a home firewall.
HTH Mike
--
From my SuSe Linux Desktop
<ka1ifq@xxxxxxxxxxxxx>
Linux, Because rebooting is for new hardware!
| < Previous | Next > |