On Thursday 27 July 2006 16:50, Michael James wrote:
Susefirewall2 fills my logs with reports of dropped packets as a stupid windows network monitor tries to talk SNMP.
I've asked them to stop, but often "fixing the internet" is not the easiest way to resolve problems.
The SLES9 version of Susefirewall2 lacks the parameter "FW_SERVICES_DROP_EXT="0/0,tcp,161" # Packets to silently reject without log message.
So as I've done so often, I upgraded the SLES9 RPM. rpm -Fvh SuSEfirewall2-3.3-18.noarch.rpm
Pulled a copy of /etc/sysconfig/Susefirewall2 across from my 9.3 workstation and customised it. Rebooted and it seems to work fine. I'll give it a week and upgrade all the production boxes.
Just wanted to share that, (and see if anyone knew why not...) michaelj
SLES9 is an enterprise class server, but SuseFirewall is a user class firewall tool. Rip it out and install Shorewall. It is Vastly more powerful, dramatically easier to use, better documented,and full of features. -- _____________________________________ John Andersen