Mailinglist Archive: opensuse (4343 mails)

< Previous Next >
Re: [Solved] [SuSE 8.1] USB SpeedTouch modem user can't start SuSEfirewall2
# Context:
I am using a SpeedTouch USB modem under SuSE8.1 to connect to Internet.
I had problems setting up and running the version of SuSEfirewall2 that came
with the 8.1 cd's becasue it errored out during the initial setup.


# To get SuSEfirewall2 up and running and properly setup for my SpeedTouch
USB modem
# I had to do the following things:
#1
# Use apt-get to install a new version SuSEfirewall2 . I installed 3.1-2

#2
# Modify the following ***2*** options of SuSEfirewall2 .

vi /etc/sysconfig/SuSEfirewall2
# 1.)
# Should the Firewall run in quickmode?
FW_QUICKMODE="yes"

# 2.)
# Which is the interface that points to the internet/untrusted networks?
FW_DEV_EXT="ppp0"


#3
# Add the two following soft links under /etc/init.d/rc5.d as they were no
to be found.
# Note : You might have to change the first 3 letters in order to get the
start up order correct

cd /etc/init.d/rc5.d
ln -s ../SuSEfirewall2_setup S03SuSEfirewall2_setup
ln -s ../SuSEfirewall2_final S04SuSEfirewall2_final

Every SuSEfirewall2 now works and it tested out ok at Gibsons "Shields Up"
Most ports were Stealth, 3 ports (tcp, pop3 and ?) were marked "Closed"

Thanks for all the help.

Ciao
James Pearson
E mail (mai) : james.pearson@xxxxxxxxxx
E mail (bur) : james.pearson@xxxxxxxxxxx
Web page: http://perso.wanadoo.fr/j.pearson/

What you make of your life is up to you.
You have all the tools and resources you need.

----- Original Message -----
From: "Togan Muftuoglu" <toganm@xxxxxxxxxxxx>
To: "suse" <suse-linux-e@xxxxxxxx>
Sent: Friday, November 08, 2002 7:41 PM
Subject: Re: [SLE] [SuSE 8.1] USB SpeedTouch modem user can't start
SuSEfirewall2: sorry, long post !


> * FX Fraipont; <fxf@xxxxxxxxx> on 08 Nov, 2002 wrote:
> >#
> >FW_MASQ_NETS="0/0"
>
> ?????
> it would be better in my opinion to say which networks is masquearded ie
> 192.168.1.0/24 much safer
>
> ># For FW_SERVICES_*_IP enter the protocol name (like "igmp") or number
("2")
> >#
> ># Common: smtp domain
> >FW_SERVICES_EXT_TCP="http 80 pop3 smtp 25 ssh telnet "
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> http and 80
> smtp and 25
>
> just say "www smtp" and if yopuare using telnet why bother with ssh ?
> >
> ># Common: domain
> >FW_SERVICES_EXT_UDP="www"
>
> www is TCP not UDP
>
> >#
> ># Common: ssh smtp domain
> >FW_SERVICES_INT_TCP="ssh smtp 25 26 143 www 80"
>
> "ssh smtp 26 143 www"
>
> >FW_ALLOW_INCOMING_HIGHPORTS_TCP="2500 143"
> ^^^^
> 143 is not a highport
> >
> ># Common: "DNS" or "domain ntp", better is "yes" to be sure ...
> >FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes"
>
> I would have put just "DNS" makes more secure
>
> ># if everything still works. (It should!) ;-)
> >#
> ># Choice: "yes" or "no", if not set defaults to "yes"
> >#
> >FW_KERNEL_SECURITY="no"
>
> yes is much better
>
>
> This is my opinion your mileage may vary
>
> --
>
> Togan Muftuoglu
> Unofficial SuSE FAQ Maintainer
> http://dinamizm.ath.cx
>
>
>
> --
> Check the headers for your unsubscription address
> For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
> Also check the archives at http://lists.suse.com
> Please read the FAQs: suse-linux-e-faq@xxxxxxxx
>
>
>



< Previous Next >