AutoYaST and firewall configuration
Good day, has anyone found a solution to this problem in SUSE 9.0 Pro.?: (Originally posted by David Carter -- see http://lists.suse.com/ archive/suse-autoinstall/2003-Dec/0008.html)
Problem #2: Firewall configuration ==================================
/sbin/yast2 autoyast provides a screen for configurating a firewall which generates the following in autoyast.xml:
<firewall> <fw_allow_fw_traceroute>yes</fw_allow_fw_traceroute> <fw_autoprotect_services>yes</fw_autoprotect_services> <fw_dev_ext>eth0</fw_dev_ext> <fw_dev_int></fw_dev_int> <fw_log_accept_all>no</fw_log_accept_all> <fw_log_accept_crit>yes</fw_log_accept_crit> <fw_log_drop_all>no</fw_log_drop_all> <fw_log_drop_crit>yes</fw_log_drop_crit> <fw_masq_nets></fw_masq_nets> <fw_masquerade>no</fw_masquerade> <fw_protect_from_internal>yes</fw_protect_from_internal> <fw_route>no</fw_route> <fw_services_ext_tcp>ssh</fw_services_ext_tcp> <start_firewall config:type="boolean">true</start_firewall> </firewall>
The yast postinstall script which runs says "Setting up firewall", and there is various output in y2log which includes:
2003-12-08 12:38:45 <1> magenta-4(2667) [YCP] clients/autoinst_configure.ycp:105 Writing configuration for firewall
However, /etc/sysconfig/SuSEfirewall2 doesn't appear to get updated:
-rw-r--r-- 1 root root 26770 Dec 8 12:35 SuSEfirewall2
and iptables doesn't acquire any rules. Does autoyast support SuSEfirewall yet? It is conspicuous by its absence in the documentation provided at:
I have Googled the internet, read the Unofficial SuSE FAQ, searched the SuSE archives I know of, and searched the SuSE Support DataBase. No luck. Best regards :o) Johnny :o)
How do you add more than one option to a mouse in the mouse driver database held in /usr/X11R6/lib/sax/api/data/cdb/Pointers? According to the top of the file the format is 'Option = string,string', however this doesn't document the semantics of the line and the docs give no examples. Say I want to set two options when /etc/X11/XF86Config is created by SaX2: Option "Foo" "123" Option "Xyzzy" "456" The comment at the top of the file doesn't tell you how to do this in the Pointers file. I've tried all the following combinations: 1) Option = Foo,123 Option = Xyzzy,456 2) Option = Foo,123,Xyzzy,456 3) Option = Foo=123,Xyzzy=567 All of this is needed to network load the synaptics mouse driver that needs umpteen options. -Nigel
Mandag 12 juli 2004 10:26 kvad Johnny Ernst Nielsen:
Good day,
has anyone found a solution to this problem in SUSE 9.0 Pro.?: (Originally posted by David Carter -- see http://lists.suse.com/ archive/suse-autoinstall/2003-Dec/0008.html)
Problem #2: Firewall configuration ================================== [SNIP]
Good day, aparantly AutoYast ignores the settings specified in the firewall section of the autoinst.xml file. However, there is a workaround. Specify the external interface in a sysconfig section (as well as other wanted sysconfig settings). Specify runlevel sections where the three SuSEfirewall2-parts (init, setup and final) are enabled. Best regards :o) Johnny :o)
participants (2)
-
Johnny Ernst Nielsen -
Nigel Horne