Hi again,
When I ping, for example, www.suse.de, the firewall makes an entry in /var/log/firewall like this:
... SuSE-FW-DROP-DEFAULT IN=ippp0 .... SRC= [ DNS ]...
I think the firewall blocks the connection to the DNS server, but why ??? The connection from the client to the DNS is not blocked!
Thanks
PHJ
Hi Freddy,
thank you. It's right, on the client machines I've configured the DNS! But the resolv.conf is configured correctly and is modified by the ip-up script. That's not the problem. For example, when I don't start the firewall, everything works fine on the firewall computer.
Thanks
PHJ
-------------------------------------------------------------------------- -- ------
Hello !
I have a problem with Firewall 2 in Suse:
1. When I start the Firewall 2, other computers in the network can connect to the internet via IP masquerading, but the computer where the firewall runs has no access to the internet!
Check your "/etc/resolv.conf". If you don't run a DNS server with forwarders, you have to put the DNS from your ISP in the resolv.conf. Do you use ISDN to connect to your ISP? If so, try "MODIFY_RESOLV_CONF_DYNAMICALLY = yes" in the /etc/rc.config and the ms-get-dns in the "/etc/ppp/options". If you use the SuSE "/etc/ppp/ip-up" script, the script tries to get the DNS from your ISP and puts the DNS into your "/etc/resolv.conf". After disconnect, the script restores the resolv.conf. That your client machines can connect to the inet is because you have configured the DNS on the client machines, I think?
Hello,
I have solved the problem, thank you very much for helping me! I have forgotten to allow DNS at highports in the firewall configuration script! You are right! Now it works fine!
greetings
PHJ
Hi,
what are the ports in that log entry? SPT= - DPT=
Have you blocked the HighPorts in the "firewall2.rc.config"? Check these entries:
FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes"
FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes"
greetings
freddy
2. How is it possible not to start personal-firewall at boot, because I think when I use firewall 2, it is not necessary to run personal-firewall ???
Remove the "personal-firewall" package or, what I did, remove the links under "/etc/init.d/rc.x.d/".
Thank you for help !
PHJ
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Hope it helps
kind regards
freddy
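Added example, not part of the original thread: a check for the symptom discussed above, where replies from a DNS server (source port 53) to the firewall host's own high ports end up in SuSE-FW-DROP-DEFAULT entries. The log lines and addresses are constructed samples in the usual netfilter LOG layout, and the function names are hypothetical.

```python
import re
from collections import Counter

PREFIX = "SuSE-FW-DROP-DEFAULT"
FIELD = re.compile(r"(\w+)=(\S*)")  # KEY=VALUE pairs written by the netfilter LOG target

# Constructed sample lines (documentation address ranges), not taken from the thread.
SAMPLE_LOG = """\
Mar  3 12:00:01 gw kernel: SuSE-FW-DROP-DEFAULT IN=ippp0 OUT= MAC= SRC=192.0.2.53 DST=198.51.100.7 LEN=120 TOS=0x00 PREC=0x00 TTL=58 ID=0 DF PROTO=UDP SPT=53 DPT=1027 LEN=100
Mar  3 12:00:02 gw kernel: SuSE-FW-DROP-DEFAULT IN=ippp0 OUT= MAC= SRC=192.0.2.53 DST=198.51.100.7 LEN=120 TOS=0x00 PREC=0x00 TTL=58 ID=0 DF PROTO=UDP SPT=53 DPT=1029 LEN=100
Mar  3 12:00:05 gw kernel: SuSE-FW-DROP-DEFAULT IN=ippp0 OUT= MAC= SRC=192.0.2.54 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=58 ID=0 DF PROTO=TCP SPT=53 DPT=1031 WINDOW=5840 SYN ACK
Mar  3 12:00:09 gw kernel: SuSE-FW-DROP-DEFAULT IN=ippp0 OUT= MAC= SRC=203.0.113.9 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=0 DF PROTO=TCP SPT=40112 DPT=23 WINDOW=5840 SYN
Mar  3 12:00:11 gw pppd[412]: local  IP address 198.51.100.7
Mar  3 12:00:12 gw kernel: SuSE-FW-DROP-DEFAULT IN=ippp0 OUT= MAC= SRC=192.0.2.53 PROTO=UDP SPT=53 DPT=
"""

def dropped_dns_replies(log_text):
    """Count dropped packets that look like DNS replies: SPT=53 to a high port."""
    hits = Counter()
    for line in log_text.splitlines():
        if PREFIX not in line:
            continue                      # not a default-drop entry
        fields = dict(FIELD.findall(line))
        proto = fields.get("PROTO")
        if proto not in ("UDP", "TCP"):
            continue
        try:
            spt, dpt = int(fields["SPT"]), int(fields["DPT"])
        except (KeyError, ValueError):
            continue                      # truncated or malformed entry
        if spt == 53 and dpt >= 1024:
            hits[(fields.get("SRC", "?"), proto)] += 1
    return hits

def settings_to_check(hits):
    """Map the protocols seen to the config entries named in the thread."""
    return sorted({"FW_ALLOW_INCOMING_HIGHPORTS_" + proto for _, proto in hits})

if __name__ == "__main__":
    found = dropped_dns_replies(SAMPLE_LOG)
    for (src, proto), count in sorted(found.items()):
        print(f"{count} dropped {proto} replies from DNS server {src}")
    print("check:", ", ".join(settings_to_check(found)))
```

If this reports nothing while name resolution on the firewall host still fails, the SPT/DPT values in the drop entries point at a different rule than the highports settings.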