Mailinglist Archive: opensuse (3644 mails)

< Previous Next >
Re: [SLE] SuSEfirewall2 help needed
  • From: Dallam <dallam.wyche@xxxxxxxxxx>
  • Date: Tue, 5 Mar 2002 17:55:38 +0000
  • Message-id: <20020305175537.GA9359@xxxxxxxxxx>
On Tue, Mar 05, 2002 at 04:43:35PM +0200, Togan Muftuoglu wrote:

grep -v ^# /etc/rc.config.d/firewall2.rc.config
grep -v ^# /etc/rc.config

Hi Togan,
Thank you for your help, here are the results of what you requested:

rc.config

DEFAULT_LANGUAGE="english"
ENABLE_SUSECONFIG="yes"
MAIL_REPORTS_TO="root"
MAIL_LEVEL="warn"
GMT="--localtime"

TIMEZONE="Europe/London"
START_LOOPBACK="yes"
DEFAULT_PRINTER="lp"
NETCONFIG=""
NETCONFIG_PCMCIA=""

IPADDR_0=""
IPADDR_1=""
IPADDR_2=""
IPADDR_3=""
NETDEV_0=""
NETDEV_1=""
NETDEV_2=""
NETDEV_3=""

IFCONFIG_0=""
IFCONFIG_1=""
IFCONFIG_2=""
IFCONFIG_3=""

SETUPDUMMYDEV="no"

IP_DYNIP="no"

IP_TCP_SYNCOOKIES="yes"

IP_FORWARD="no"

CHECK_ETC_HOSTS="yes"

BEAUTIFY_ETC_HOSTS="yes"

SORT_PASSWD_BY_UID="no"

FQHOSTNAME="lucy.constantchaos.com"

ORGANIZATION=""

NNTPSERVER="news"

SMTP="yes"

FROM_HEADER="dallam.wyche@xxxxxxxxxx"

HTTP_PROXY=""

FTP_PROXY=""

NO_PROXY="localhost"

CLOSE_CONNECTIONS="false"

RUN_UPDATEDB="yes"

REINIT_MANDB="yes"

RUN_UPDATEDB_AS="nobody"

UPDATEDB_NETPATHS=""

UPDATEDB_PRUNEPATHS="/S.u.S.E. /mnt /cdrom /tmp /usr/tmp /var/tmp /var/spool
/proc /media"

UPDATEDB_NETUSER=""

DELETE_OLD_CORE="yes"

MAX_DAYS_FOR_CORE="1"

DELETE_OLD_CATMAN="yes"

CATMAN_ATIME="7"

CREATE_INFO_DIR="yes"

CHECK_PERMISSIONS="set"

PERMISSION_SECURITY="easy local"

MAX_DAYS_FOR_LOG_FILES="7"

MAX_DAYS_IN_TMP="0"

TMP_DIRS_TO_CLEAR="/tmp /var/tmp"

CLEAR_TMP_DIRS_AT_BOOTUP="no"

OWNER_TO_KEEP_IN_TMP="root"

CWD_IN_ROOT_PATH="no"

CWD_IN_USER_PATH="yes"

PASSWD_USE_CRACKLIB="no"

START_NSCD="yes"

PATH="/sbin:/bin:/usr/sbin:/usr/bin"

CREATE_JAVALINK="yes"

START_CRYPTO_FILESYSTEMS="yes"

MODIFY_RESOLV_CONF_DYNAMICALLY="yes"

INITRD_MODULES=""

HALT_SOUND="octave"

ENABLE_SYSRQ="yes"

DISABLE_ECN="yes"

MOUSE="/dev/ttyS0"

MODEM="/dev/ttyS1"

KEYTABLE="us.map.gz"

CONSOLE_FONT="lat1-16.psfu"

CONSOLE_SCREENMAP="none"

CONSOLE_UNICODEMAP=""

CONSOLE_MAGIC="(B"

KBD_RATE=""
KBD_DELAY=""

KBD_NUMLOCK="no"

KBD_CAPSLOCK="no"

KBD_TTY="tty1 tty2 tty3 tty4 tty5 tty6"

START_GPM="yes"

GPM_PARAM="-t ms -m /dev/mouse"

ROOT_LOGIN_REMOTE="no"

CHECK_INITTAB="yes"

DISPLAYMANAGER="kdm"

DEFAULT_WM="kde"

CONSOLE_SHUTDOWN="reboot"

SERIAL_CONSOLE=""

BOOT_SPLASH="yes"

test "$rc_done"= = = -a -e /etc/rc.status && . /etc/rc.status
CRON="yes"
UPDATE_GROFF_CONF="yes"
GROFF_PAGESIZE=""
COMPOSETABLE="clear winkeys shiftctrl latin1.add"
CREATE_PERLLOCAL_POD="yes"

KERNEL_LOGLEVEL="1"

SYSLOGD_PARAMS=""
ACTIVATE_RAW_DEV="no"

START_APMD="no"
START_ATD="yes"

START_FAM="no"
FB_MODULES=""

FBSET_PARAMS=""

START_HOTPLUG="yes"
START_ISAPNP="yes"

JAVA_THREADS_TYPE="green"
DOC_HOST="localhost"

DOC_SERVER="no"

DOC_ALLOW="localhost"

DOC_AUTOINDEX="no"

RUN_KSYSGUARDD="no"
KDM_SHUTDOWN="all"

KDM_USERS=""

KDE_USE_FAM="no"

INSTALL_DESKTOP_EXTENSIONS="yes"
START_AUTOFS="no"
I4L_START="no"
START_INETD="yes"
START_LPD="no"
NFS_SERVER="no"

USE_KERNEL_NFSD_NUMBER="4"
START_PORTMAP="no"
START_SMPPPD="no"
START_XNTPD="no"

XNTPD_INITIAL_NTPDATE=""
CREATE_YP_CONF="yes"

YP_DOMAINNAME=""

YP_SERVER=""

START_YPBIND="no"

START_FW="no"
START_SSHD="no"
SSHD_OPTS=""
START_ALSA="yes"
START_ALSA_SEQ="yes"
START_XFS="no"

SCRIPT_3D="switch2mesasoft"
LOAD_MEMSTAT_MODULE="no"
SUSEWM_UPDATE="yes"

SUSEWM_WM="all"

SUSEWM_XPM="yes"
YAST2_LOADFTPSERVER="yes"
START_USB="no"

START_FW2="yes"
*************************
rc.config.d/firewall2.config

FW_DEV_EXT="ppp0"

FW_DEV_INT=""

FW_DEV_DMZ=""

FW_ROUTE="no"

FW_MASQUERADE="no"
FW_MASQ_DEV="$FW_DEV_EXT"
FW_MASQ_NETS=""

FW_PROTECT_FROM_INTERNAL="yes"

FW_AUTOPROTECT_SERVICES="yes"

FW_SERVICES_EXT_TCP=""
FW_SERVICES_EXT_UDP="" # Common: domain
FW_SERVICES_EXT_IP=""
FW_SERVICES_DMZ_TCP=""
FW_SERVICES_DMZ_UDP=""
FW_SERVICES_DMZ_IP=""
FW_SERVICES_INT_TCP=""
FW_SERVICES_INT_UDP=""
FW_SERVICES_INT_IP=""

FW_TRUSTED_NETS=""

FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes"
FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes"

FW_SERVICE_AUTODETECT="yes" # Autodetect the services below when starting
FW_SERVICE_DNS="no"
FW_SERVICE_DHCLIENT="no"
FW_SERVICE_DHCPD="no"
FW_SERVICE_SQUID="no"
FW_SERVICE_SAMBA="no"

FW_FORWARD="" #Beware to use this!

FW_FORWARD_MASQ="" # Beware to use this!

FW_REDIRECT=""

FW_LOG_DROP_CRIT="yes"
FW_LOG_DROP_ALL="no"
FW_LOG_ACCEPT_CRIT="yes"
FW_LOG_ACCEPT_ALL="no"
FW_LOG="--log-level warning --log-tcp-options --log-ip-option --log-prefix
SuSE-FW"

FW_KERNEL_SECURITY="yes"

FW_STOP_KEEP_ROUTING_STATE="no"

FW_ALLOW_PING_FW="yes"
FW_ALLOW_PING_DMZ="no"
FW_ALLOW_PING_EXT="no"


FW_ALLOW_FW_TRACEROUTE="yes"

FW_ALLOW_FW_SOURCEQUENCH="yes"

FW_ALLOW_FW_BROADCAST="no"
FW_IGNORE_FW_BROADCAST="yes"

FW_ALLOW_CLASS_ROUTING="no"

Regards,
Dallam
--
Dallam Wych dallam.wyche@xxxxxxxxxx
1024: A89A2371 "Ipsa scientia potestas est"
2717 4EB8 461D 743B 47CF Registered Linux User
0D68 C32A 5CDE A89A 2371 counter.li.org:213656

< Previous Next >
Follow Ups