Hello guys,


I upgraded to 7.2 two weeks ago from version 7.0. Since my upgrade I cannot get my other Windows and Linux computers to access the internet.

The Suse firewall in 7.2 will not even start.

What can I do to get everything working again. I also tried my firewall file from 7.0 but it dowsn't work.


Any help would be greatly apprreciated.

Here some information about my lan.



 netstat | grep tcp
tcp        0      0 ::ffff:213.17.23.:33094 ::ffff:195.96.96.1:pop3 TIME_WAIT


192.168.33.1 is the internet server
192.168.33.2 -192.168.33.4 are clients to the net which cannot connect yet.

 route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
195.96.100.62   0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.33.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         195.96.100.62   0.0.0.0         UG    0      0        0 ppp0

 ipchains -L
Chain input (policy DENY):
target     prot opt     source                destination           ports
DENY       all  ------  anywhere             255.255.255.255       n/a
DENY       udp  ------  anywhere             anywhere              any ->   netbios-ns
DENY       tcp  ------  anywhere             anywhere              any ->   netbios-ns
DENY       udp  ------  anywhere             anywhere              any ->   netbios-dgm
DENY       tcp  ------  anywhere             anywhere              any ->   netbios-dgm
DENY       udp  ------  anywhere             anywhere              any ->   bootps
DENY       udp  ------  anywhere             anywhere              any ->   bootpc
DENY       all  ------  BASE-ADDRESS.MCAST.net/8 anywhere              n/a
ACCEPT     all  ------  localnet/8           anywhere              n/a
ACCEPT     all  ------  192.168.33.0/24      anywhere              n/a
ACCEPT     all  ------  192.168.33.0/24      255.255.255.255       n/a
ACCEPT     icmp ------  anywhere             anywhere              any ->   any
ACCEPT     tcp  !y----  anywhere             anywhere              any ->   any
ACCEPT     udp  ------  sun4000.casema.net   anywhere              domain ->   1023:65535
ACCEPT     udp  ------  ns1.casema.net       anywhere              domain ->   1023:65535
ACCEPT     tcp  ------  anywhere             anywhere              any ->   ssh
ACCEPT     tcp  ------  anywhere             anywhere              any ->   telnet
ACCEPT     tcp  ------  anywhere             anywhere              any ->   smtp
ACCEPT     tcp  ------  anywhere             anywhere              any ->   ident
ACCEPT     tcp  ------  anywhere             anywhere              any ->   http
ACCEPT     tcp  ------  anywhere             anywhere              any ->   ftp
DENY       all  ----l-  anywhere             anywhere              n/a
Chain forward (policy ACCEPT):
target     prot opt     source                destination           ports
MASQ       all  ------  192.168.33.0/24      anywhere              n/a



maf king wrote:
Hi Christoph


On 2001.08.20 11:35:52 +0100 Christoph Egger wrote:
On Monday, 20. August 2001 12:24, maf@cybereye.co.uk wrote:
Hi Christoph,

Looks like the interface ipsec0 is being DENYed by default.  Try
inserting
a couple of rules in your firewall :

INPUT : allow everything from interface ipsec0
OUTPUT : allow everything to ipsec0
Yes, this works!!!  A BIG THANK!!!



Glad I was finally some help to you.  ;-)

Now all you need to do is figure out if accepting *everything* on the
ipsec0 interface is a good idea or not! 

Best Wishes,
Maf.


-- 
CU,
Christoph