here is my conf. file: FW_QUICKMODE="no" FW_DEV_EXT="eth0" FW_DEV_INT="eth1" FW_DEV_DMZ="" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_DEV="$FW_DEV_EXT" FW_MASQ_NETS="10.10.0.0/16,0/0,tcp,110 10.10.0.0/16,0/0,tcp,21 10.10.0.0/16,0/0,tcp,80 10.10.0.0/16,0/0,tcp,25" FW_PROTECT_FROM_INTERNAL="yes" FW_AUTOPROTECT_SERVICES="yes" FW_SERVICES_EXT_TCP="" FW_SERVICES_EXT_UDP="" # Common: domain FW_SERVICES_EXT_IP="" FW_SERVICES_DMZ_TCP="" FW_SERVICES_DMZ_UDP="" FW_SERVICES_DMZ_IP="" FW_SERVICES_INT_TCP="" FW_SERVICES_INT_UDP="" FW_SERVICES_INT_IP="" FW_SERVICES_QUICK_TCP="" FW_SERVICES_QUICK_UDP="" FW_SERVICES_QUICK_IP="" FW_TRUSTED_NETS="" FW_ALLOW_INCOMING_HIGHPORTS_TCP="ftp-data" FW_ALLOW_INCOMING_HIGHPORTS_UDP="DNS" FW_SERVICE_AUTODETECT="no" # Autodetect the services below when starting FW_SERVICE_DNS="no" FW_SERVICE_DHCLIENT="no" FW_SERVICE_DHCPD="no" FW_SERVICE_SQUID="no" FW_SERVICE_SAMBA="no" FW_FORWARD="" # Beware to use this! FW_FORWARD_MASQ="" # Beware to use this! FW_REDIRECT="" FW_LOG_DROP_CRIT="yes" FW_LOG_DROP_ALL="no" FW_LOG_ACCEPT_CRIT="yes" FW_LOG_ACCEPT_ALL="no" FW_LOG="--log-level warning --log-tcp-options --log-ip-option --log-prefix SuSE-FW" FW_KERNEL_SECURITY="yes" FW_STOP_KEEP_ROUTING_STATE="no" FW_ALLOW_PING_FW="no" FW_ALLOW_PING_DMZ="no" FW_ALLOW_PING_EXT="no" FW_ALLOW_FW_TRACEROUTE="yes" FW_ALLOW_FW_SOURCEQUENCH="yes" FW_ALLOW_FW_BROADCAST="no" FW_IGNORE_FW_BROADCAST="yes" FW_ALLOW_CLASS_ROUTING="no" FW_CUSTOMRULES="" FW_REJECT="no" -----Messaggio originale----- Da: Peer Stefan [mailto:stefan.peer@tiwag.at] Inviato: martedì 25 febbraio 2003 14.46 A: Fiorenza Meini; Suse Security (E-mail) Oggetto: RE: [suse-security] SuSEfirewall2 errors on SuSE linux 8.1 Hi Fiorenza,
From: Fiorenza Meini [mailto:fmeini@robinson.it] Hi there! On my SuSE Linux 8.1 professional box I configured the firewall and when I run SuSEfirewall2 I receive this kind of message: /sbin/SuSEfirewall2: line 696: test: 10.10.0.0/16: integer expression expected /sbin/SuSEfirewall2: line 696: test: 10.10.0.0/16: integer expression expected /sbin/SuSEfirewall2: line 696: test: 10.10.0.0/16: integer expression expected /sbin/SuSEfirewall2: line 696: test: 10.10.0.0/16: integer expression expected iptables v1.2.7a: Maximum prefix length 29 for --log-prefix
Please, what does it mean?
My firewall configuration is attached.
No it's not - please include your configuration in the text (run 'cat /etc/sysconfig/SuSEfirewall2|grep -v "^#" | grep -v "^$"' to leave out all comments and empty lines). The last error "iptables v1.2.7a: Maximum prefix length 29 for --log-prefix" means that you cannot assign more than 29 characters as your log-prefix (a short description included in your log-message). Have a look at the directive FW_LOG="...." and especially check for the second ". Sounds like it got lost somewhere.
Thanks Fiorenza <<SuSEfirewall2>>
regards, Stefan