openSUSE Security May 2013

security@lists.opensuse.org

2 participants
3 discussions

by Sally

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <STYLE type=text/css> </STYLE> <META http-equiv=Content-Type content=text/html;charset=utf-8><BASE target=_blank> <STYLE type=text/css> </STYLE> <BASE target=_blank> <STYLE type=text/css></STYLE> <META content="MSHTML 6.00.2900.6380" name=GENERATOR></HEAD> <BODY style="FONT-SIZE: 10.5pt; MARGIN: 10px" bgColor=#ffffff> <DIV><FONT face="Times New Roman" size=3>Dear </FONT></DIV> <DIV><FONT face="Times New Roman" size=3></FONT> </DIV> <DIV><FONT face="Times New Roman" size=3>How are you?</FONT></DIV> <DIV><FONT face="Times New Roman" size=3></FONT> </DIV> <DIV><FONT face="Times New Roman" size=3>I'm Sally from VCOM. I had sent the email about the VCOM to you, i believe you have know something about it, right? The attachment is the specification of the HDMI cable, you can choose which one you like and tell me , i will reply you as soon as possible.</FONT></DIV> <DIV><FONT face="Times New Roman" size=3></FONT> </DIV> <DIV><FONT face="Times New Roman" size=3>Waiting for your reply.</FONT></DIV> <DIV><FONT face="Times New Roman" size=3></FONT> </DIV> <DIV><FONT face="Times New Roman" size=3>Thanks & best regard.</FONT></DIV><SPAN id=fttx_sign_begin></SPAN> <DIV> <DIV><FONT size=3><STRONG></STRONG></FONT> </DIV> <DIV><FONT size=3><STRONG>Sally</STRONG> <BR>Vcom International Ltd<BR> <BR>E-mail:vcom18@vcom.hk<BR>MSN:vcom18@hotmail.com<BR>Tel: +86-20-22832571<BR>Fax:+86-20-22832562</FONT></DIV> <DIV><FONT size=3>Mob:+86-15999942105</FONT></DIV> <DIV><FONT size=3>Skype:vcom18<BR>Address:Youke Business Center. Bulding D 2F/1,Kexin Rd,Tangxia,Tianhe District, Guangzhou City,Guangdong Province,China </FONT></DIV> <DIV> </DIV></DIV><SPAN id=fttx_sign_end></SPAN></BODY></HTML>

9 years, 1 month

[opensuse-security] SuseFirewall2: Strange masquerading rule for port forwarding rules when both FW_MASQ_NETS and FW_FORWARD_MASQ are defined

by Juan Luis Baptiste

Hi, I'm seeing something strange that I do not understand. According to iptables documentation[1], port forwarding rules are defined on the PREROUTING chain in the nat table, and masquerading rules are defined on the POSTROUTING chain also in the nat table (plus the needed additional rules in chain FORWARD in the filter table). I'm testing a simple escenario: An OpenSUSE 12.3 server with two interfaces, one connected to the 192.168.1.0/24 (external network) on eth0, and connected to 192.168.10.0/24 (internal network) on eth1: FW_DEV_EXT="eth0" FW_DEV_INT="eth1" FW_ROUTE="yes" FW_MASQUERADE="yes" If I define: FW_FORWARD_MASQ="192.168.1.102,192.168.10.111,tcp,2222,22" I will correctly see rule created on PREROUTING: Chain PREROUTING (policy ACCEPT 8 packets, 869 bytes) pkts bytes target prot opt in out source destination 1 60 DNAT tcp -- eth0 * 192.168.1.102 0.0.0.0/0 tcp dpt:2222 to:192.168.10.111:22 The same happens for masquerading for this rule: FW_MASQ_NETS="192.168.10.0/24,0/0" I will correctly see the rule created on POSTROUTING: Chain POSTROUTING (policy ACCEPT 1 packets, 60 bytes) pkts bytes target prot opt in out source destination 6 395 MASQUERADE all -- * eth0 192.168.10.0/24 0.0.0.0/0 BUT, if both variables are defined at the same time, an additional rule in the POSTROUTING chain will be created for the port forwarding rule defined in FW_FORWARD_MASQ. Look at this: Chain POSTROUTING (policy ACCEPT 1 packets, 60 bytes) pkts bytes target prot opt in out source destination 6 395 MASQUERADE all -- * eth0 192.168.10.0/24 0.0.0.0/0 0 0 MASQUERADE tcp -- * eth0 192.168.1.102 0.0.0.0/0 tcp dpt:22 Now there's an additional masquerading rule (the second one) for the external host 192.168.1.102. Note that that host is on the network connected to the firewall on eth0, and the output interface is also eth0, with the destination port of the port forwading rule in FW_FORWARD_MASQ. This doesn't make any sense to me, is this correct ? why that rule appears only when both FW_MASQ_NETS and FW_FORWARD_MASQ are defined and not when only the latter is defined ? both rules work ok, I'm just wondering why that extra rule that doesn't seem to have any use. [1] http://netfilter.org/documentation/HOWTO//NAT-HOWTO-6.html Cheers, -- JLB -- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-security+owner(a)opensuse.org

9 years, 1 month

[opensuse-security] HDMI cable

by Sally

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML xmlns:o = "urn:schemas-microsoft-com:office:office"><HEAD> <STYLE type=text/css> </STYLE> <META http-equiv=Content-Type content=text/html;charset=utf-8><BASE target=_blank> <STYLE type=text/css> </STYLE> <BASE target=_blank> <STYLE type=text/css> </STYLE> <BASE target=_blank> <STYLE type=text/css> </STYLE> <BASE target=_blank> <STYLE type=text/css> </STYLE> <BASE target=_blank> <STYLE type=text/css> </STYLE> <BASE target=_blank> <STYLE type=text/css> </STYLE> <BASE target=_blank> <STYLE type=text/css></STYLE> <META content="MSHTML 6.00.2900.6357" name=GENERATOR></HEAD> <BODY style="FONT-SIZE: 10.5pt; MARGIN: 10px" bgColor=#ffffff> <DIV><FONT face="Times New Roman"><SPAN lang=EN-US style="FONT-SIZE: 12pt; mso-font-kerning: 0pt">Dear friend,</SPAN></FONT></DIV> <DIV><FONT face="Times New Roman"><SPAN lang=EN-US style="FONT-SIZE: 12pt; mso-font-kerning: 0pt"></SPAN></FONT> </DIV> <DIV><FONT face="Times New Roman"><SPAN lang=EN-US style="FONT-SIZE: 12pt; mso-font-kerning: 0pt">How are you ?</SPAN></FONT></DIV> <DIV><FONT face="Times New Roman"><SPAN lang=EN-US style="FONT-SIZE: 12pt; mso-font-kerning: 0pt"></SPAN></FONT> </DIV> <DIV><FONT face="Times New Roman"><SPAN lang=EN-US style="FONT-SIZE: 12pt; mso-font-kerning: 0pt">I'm Sally from VCOM. Could you pls spend 1 min to read my email? Thanks a lot.</SPAN></FONT></DIV> <DIV><FONT face="Times New Roman"><SPAN lang=EN-US style="FONT-SIZE: 12pt; mso-font-kerning: 0pt"></SPAN></FONT> </DIV> <DIV><FONT face="Times New Roman"><SPAN lang=EN-US style="FONT-SIZE: 12pt; mso-font-kerning: 0pt">We specialize in the computer cables & accessories and computer electronic for more than 18 years. The products' line as following:</SPAN><SPAN lang=EN-US style="FONT-FAMILY: 宋体; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: 宋体"><o:p></o:p></SPAN></FONT></DIV> <DIV> <P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left; mso-pagination: widow-orphan" align=left><FONT face="Times New Roman"><SPAN lang=EN-US style="FONT-SIZE: 12pt; mso-font-kerning: 0pt"> HDMI cable, VGA cable, USB cable, DVI cable, network cable , splitter, headphone& earphone, mouse&keyboard and android player and so on. HDMI cables are the hot selling in our company .</SPAN></FONT></P> <P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left; mso-pagination: widow-orphan" align=left><SPAN lang=EN-US style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-font-kerning: 0pt; mso-bidi-font-family: 宋体"><o:p> </o:p></SPAN></P> <P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left; mso-pagination: widow-orphan" align=left><FONT face="Times New Roman"><SPAN lang=EN-US style="FONT-SIZE: 12pt; mso-font-kerning: 0pt">VCOM is committed to providing high quality computer cables and electronics to global consumers with competitive price. Up till now, VCOM has more than 84 distributors in global different countries.</SPAN><SPAN lang=EN-US style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-font-kerning: 0pt; mso-bidi-font-family: 宋体"><o:p></o:p></SPAN></FONT></P> <P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left; mso-pagination: widow-orphan" align=left><SPAN lang=EN-US style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-font-kerning: 0pt; mso-bidi-font-family: 宋体"><o:p> </o:p></SPAN></P> <P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left; mso-pagination: widow-orphan" align=left><SPAN lang=EN-US style="FONT-SIZE: 12pt; mso-font-kerning: 0pt"><FONT face="Times New Roman">The following is the website of our company. pls check it.  </FONT></SPAN><SPAN lang=EN-US style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-font-kerning: 0pt; mso-bidi-font-family: 宋体"><A href="http://www.vcom.hk/">http://www.vcom.hk/</A></SPAN></P> <P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left; mso-pagination: widow-orphan" align=left><SPAN lang=EN-US style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-font-kerning: 0pt; mso-bidi-font-family: 宋体"></SPAN> </P> <P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left; mso-pagination: widow-orphan" align=left><SPAN lang=EN-US style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-font-kerning: 0pt; mso-bidi-font-family: 宋体"><FONT face="Times New Roman">The attachment is productlist and the specification of the HDMI cable. Pls check it.</FONT></SPAN></P> <P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left; mso-pagination: widow-orphan" align=left><SPAN lang=EN-US style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-font-kerning: 0pt; mso-bidi-font-family: 宋体"> <o:p></o:p></SPAN></P> <P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left; mso-pagination: widow-orphan" align=left><FONT face="Times New Roman"><SPAN lang=EN-US style="FONT-SIZE: 12pt; mso-font-kerning: 0pt">Looking forward to further talking with you.</P> <HR> <P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left; mso-pagination: widow-orphan" align=left><IMG alt="" hspace=0 src="cid:777@41402.3551415972.154" align=baseline border=0></SPAN><SPAN lang=EN-US style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-font-kerning: 0pt; mso-bidi-font-family: 宋体"><o:p></o:p></SPAN></FONT></P> <P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left; mso-pagination: widow-orphan" align=left><SPAN lang=EN-US style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-font-kerning: 0pt; mso-bidi-font-family: 宋体"><o:p> </o:p></SPAN></P> <P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left; mso-pagination: widow-orphan" align=left><SPAN lang=EN-US style="FONT-SIZE: 12pt; mso-font-kerning: 0pt"><FONT face="Times New Roman">Kind regards</FONT></SPAN><SPAN lang=EN-US style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-font-kerning: 0pt; mso-bidi-font-family: 宋体"><o:p></o:p></SPAN></P></DIV><SPAN id=fttx_sign_begin></SPAN> <DIV> <DIV><FONT size=3><STRONG></STRONG></FONT> </DIV> <DIV><FONT size=3><STRONG>Sally</STRONG> <BR>Vcom International Ltd<BR> <BR>E-mail:vcom18@vcom.hk<BR>MSN:vcom18@hotmail.com<BR>Tel: +86-20-22832571<BR>Fax:+86-20-22832562</FONT></DIV> <DIV><FONT size=3>Mob:+86-15999942105</FONT></DIV> <DIV><FONT size=3>Skype:vcom18<BR>Address:Youke Business Center. Bulding D 2F/1,Kexin Rd,Tangxia,Tianhe District, Guangzhou City,Guangdong Province,China </FONT></DIV> <DIV> </DIV></DIV><SPAN id=fttx_sign_end></SPAN></BODY></HTML>

9 years, 2 months

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

1996

openSUSE Security May 2013