Mailinglist Archive: opensuse (4348 mails)

< Previous Next >
Re: [SLE] SuSEfirewall
  • From: Brian Marr <cabernet@xxxxxxxxxxxxxxxx>
  • Date: Thu, 3 Oct 2002 06:40:10 +0930
  • Message-id: <200210030640.10189.cabernet@xxxxxxxxxxxxxxxx>
I wonder where VMware should appear in the SuSEfirewall script ? I do not want
it to be accessible to the internet, but accessible to my LAN (at least the
Host). Currently SuSEfirewall is dropping VMware packets when I turn it on.
Brian Marr
Ifconfig
Gringo:/home/magpie # ifconfig
eth0 Link encap:Ethernet HWaddr 00:02:44:19:8B:50
inet addr:192.xxx.xx.x Bcast:192.168.50.255 Mask:255.255.255.0
inet6 addr: fe80::202:44ff:fe19:8b50/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2603644 errors:0 dropped:0 overruns:0 frame:0
TX packets:1824661 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:280080492 (267.1 Mb) TX bytes:565419632 (539.2 Mb)
Interrupt:9 Base address:0x1000

ippp0 Link encap:Point-to-Point Protocol
inet addr:150.xxx.x.xxx P-t-P:203.16.215.220 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP DYNAMIC MTU:1500 Metric:1
RX packets:636883 errors:0 dropped:0 overruns:0 frame:0
TX packets:615824 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:30
RX bytes:437491432 (417.2 Mb) TX bytes:51316064 (48.9 Mb)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:768791 errors:0 dropped:0 overruns:0 frame:0
TX packets:768791 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:72052846 (68.7 Mb) TX bytes:72052846 (68.7 Mb)

vmnet1 Link encap:Ethernet HWaddr 00:50:56:C0:00:01
inet addr:192.168.77.1 Bcast:192.168.77.255 Mask:255.255.255.0
inet6 addr: fe80::250:56ff:fec0:1/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:283923 errors:0 dropped:0 overruns:0 frame:0
TX packets:349334 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

vmnet8 Link encap:Ethernet HWaddr 00:50:56:C0:00:08
inet addr:192.168.120.1 Bcast:192.168.120.255 Mask:255.255.255.0
inet6 addr: fe80::250:56ff:fec0:8/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:6693 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

Gringo:/home/magpie #




On Wednesday 02 October 2002 23:32, James Oakley wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On October 2, 2002 08:43 am, Brian Marr wrote:
> > Suse 8.0 Vmware 3.1
> > My SuSEfirewall configuration is progressing. I am on the net !
> > But am not sure what to make of this
> > Brian Marr
> >
> > Oct 2 21:11:03 Gringo kernel: SuSE-FW-UNAUTHORIZED-TARGET IN=vmnet1 OUT=
> > MAC=00:50:56:c0:00:01:00:50:56:c1:6c:f5:08:00 SRC=192.168.77.128
> > DST=192.168.77.1 LEN=40 TOS=0x00 PREC=0x00 TTL=128 ID=49945 DF PROTO=TCP
> > SPT=1025 DPT=139 WINDOW=8653 RES=0x00 ACK URGP=0
>
> IN=vmnet1 # The OS you're running under Vmware generated the packet
> DPT=139 # That's the destination port, which is Netbios
>
> Basically, Windows under Vmware is sending traffic (looking for other
> Windows boxes) and your SuSEfirewall is configured to reject and log
> packets on port 139.
>
> - --
> James Oakley
> Engineering - SolutionInc Ltd.
> joakley@xxxxxxxxxxxxxxx
> http://www.solutioninc.com
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
>
> iD8DBQE9mvyA+FOexA3koIgRAlQbAJ0Zm0J0pearx0wqwdBzwJ2o7hHB4QCdEHxw
> r5hMys3TdWXNQkoG6joROFk=
> =WvUR
> -----END PGP SIGNATURE-----


< Previous Next >