Mailinglist Archive: opensuse (1606 mails)

< Previous Next >
Re: [opensuse] Cannot access two internal nets with SuSeFirewall2
  • From: wanakom@xxxxxxxxx
  • Date: Wed, 03 Sep 2008 11:19:43 +0100
  • Message-id: <48BE64BF.70403@xxxxxxxxx>
Hi Rui


Rui Santos wrote:
same with network 192.168.2.x
What about ssh ? Can you ssh from one net to another ?
Nope. In fact, when I ping from a wxp machine, the answer is "Destination protocol unreachable".

My Google searches have not shown any result. What do I miss in my
configuration ?
Are you sure it's a firewall configuration ? It could be the
configuration of your print-server system. Many printing servers, by
default, only allow printing from the network it is connected to. Just
check it to make sure.
I cannot even ping machines or another server in the other network. No limitation has been set to the print-servers.
If you are sure it is a firewall configuration, could you provide the
firewall log right after a printing attempt ? Also state witch machine
is printing to witch machine.
After sending a ping to the printer 172.26.6.10 from machine 192.168.1.14, the firewall log output is as follow :

Sep 3 11:15:32 ml110 kernel: SFW2-FWDint-DROP-DEFLT IN=eth0 OUT=eth2 SRC=192.168.1.14 DST=172.26.6.10 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=32021 PROTO=ICMP TYPE=8 CODE=0 ID=768 SEQ=14592

If I understand it, the firewall drops it because if stop the icmp protocol. But I specified FW_PROTECT_FROM_INT="no". Shall I specify what protocols are allowed in spite of no protection for "int" ? If so, what variables shall I look for ?



--
Louis

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups
References