The 03.06.19 at 13:14, Jeffrey L. Taylor wrote:
Notice that the source port is 53. This is DNS (AKA domain). It is almost certainly legitimate. Looking at the IPchains rules on my box (cable modem) the SuSE-FW-ILLEGAL-TARGET rule applies to packets to the box that do not have the "correct" destination address. Try this:
iptables-save | grep -e "-j input_ext"
None now, ppp0 (ext) conection is down. If you look at the whole thread, the problem seems to be that the firewall is restarted and network traffic starts a bit too soon, and get rejected. I'm trying to log those few seconds to verify that hypothesis.
Try starting/restarting the firewall in ip_up.
No need: the ip-up script was written by SuSE, and they do just that. That is shown in another log: Jun 19 14:11:34 nimrodel SuSEfirewall2: Firewall rules successfully set from /etc/sysconfig/SuSEfirewall2 Jun 19 14:11:34 nimrodel ip-up.local: --> Up ppp0 /dev/ttyS1 115200 L: 81.41.199.207 R: 80.58.197.103 Par: Jun 19 14:11:34 nimrodel ip-up.local: --> Waiting for tcpdump activation Jun 19 14:11:44 nimrodel ip-up.local: --> Launching fetch/send tasks now -- Cheers, Carlos Robinson