Am Sonntag, 23. Juli 2006 21:01 schrieb Carlos E. R.:
The Sunday 2006-07-23 at 16:29 +0200, Jan Ritzerfeld wrote:
You should check your /etc/sysconfig/SuSEfirewall2. E.g., by using grep -v "#" /etc/sysconfig/SuSEfirewall2 to ensure that all options are well-formed (KEY="VALUE"). If so, try to comment out all options and re-add them one by one until the problem is triggered.
As far as I can see, they are all well formed, no "#" appears in the output. (...).
Oops, the regex was somewhat wrong, or useless. grep -v "^#" would have been better.
FW_TRUSTED_NETS="192.168.1.11,tcp,ftp 192.168.1.11,tcp,ftp-data \ ## Type: string ## Default: 192.168.1.11,tcp,ssh \ 192.168.1.1,udp,tftp"
Argh, such lines would be surpressed, regardless which regex you used.
I removed the comments in the middle and the error got corrected. I can't understand how they got there :-O
Does not matter. You found the error. :)
I'm also getting some strange errors, maybe non related:
Jul 23 13:13:16 nimrodel kernel: SFW2-OUT-ERROR IN= OUT=eth0 SRC=192.168.1.12 DST=134.76.11.100 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=61663 DF PROTO=TCP SPT=24438 DPT=80 WINDOW=2184 RES=0x00 ACK FIN URGP=0 OPT (0101080A0002D56B70A5E356) (...).
Hmm, you already experienced such log entries some months ago. :) http://lists.suse.com/archive/suse-security/2006-Apr/0056.html
True enough. But this is the first time I noticed them appearing in the log at the same time as I clicked somewhere, ie, repeatable.
For me, this kind of errors was repeatable when using "whois" querying a special domain, i.e., a special whois server. But I do not think that these "errors" are harmfull and, so, I just ignore them. BTW, one of the IP addresses appearing in my SW2-OUT-ERRORs is 195.135.221.132, ftp.suse.com ...
And previously it was 9.3, now it is 10.1
AFAIK, there was not much change in the SuSEfirewall2 ... Gruß Jan -- You have taken yourself too seriously.