RE: [suse-security] Help for SuSEFirewall2

En la parte de : FW_FORWARD_MASQ="194.168.1.2,192.168.1.2,tcp,80" Esta el error, ya que en la primera parte va el IP de donde se genera la conexión, es decir, seria asi: FW_FORWARD_MASQ="0/0,192.168.1.2,tcp,80" Saludos cordiales, Carlos Carrera -----Mensaje original----- De: amiky@gic.parma.it [mailto:amiky@gic.parma.it] Enviado el: Viernes, 01 de Marzo de 2002 06:21 a.m. Para: suse-security@suse.com Asunto: [suse-security] Help for SuSEFirewall2 Hi I'm a new subscribed to the mailing-list i'd like to ask you a question about SuSeFirewall2 that i don't configure correctly Thank you for your interest this is the configuration scheme Internet | | Web server Web server | | | SuSE-Firewall------------------ | | | Internal LAN external address example (194.168.2.1 194.168.2.2 194.168.3) external fw interface: eth1 (194.168.2.1) dmz fw interface: eth2 (192.168.1.1) internal fw interface: eth0 (192.168.0.1) internal LAN: 192.168.0.1 netmask 255.255.255.0 ip internal of web sever 192.168.1.2 FW_DEV_EXT="eth1" FW_DEV_INT="eth0" FW_DEV_DMZ="eth2" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_DEV="$FW_DEV_EXT" FW_MASQ_NETS="192.168.0.1/24 192.168.1.0/24" FW_PROTECT_FROM_INTERNAL="no" FW_AUTOPROTECT_SERVICES="yes" FW_SERVICES_EXT_TCP="www" FW_SERVICES_EXT_UDP="" FW_SERVICES_EXT_IP="" FW_SERVICES_DMZ_TCP="www" FW_SERVICES_DMZ_UDP="" FW_SERVICES_DMZ_IP="" FW_SERVICES_INT_TCP="" FW_SERVICES_INT_UDP="" FW_SERVICES_INT_IP="" FW_TRUSTED_NETS="" FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes" FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes" FW_SERVICE_AUTODETECT="yes" FW_SERVICE_DNS="no" FW_SERVICE_DHCLIENT="no" FW_SERVICE_DHCPD="no" FW_SERVICE_SQUID="no" FW_SERVICE_SAMBA="no" FW_FORWARD="" FW_FORWARD_MASQ="194.168.1.2,192.168.1.2,tcp,80" FW_REDIRECT="" FW_LOG_DROP_CRIT="yes" FW_LOG_DROP_ALL="no" FW_LOG_ACCEPT_CRIT="yes" FW_LOG_ACCEPT_ALL="no" FW_LOG="--log-level warning --log-tcp-options --log-ip-option --log-prefix SuSE- FW" FW_KERNEL_SECURITY="yes" FW_STOP_KEEP_ROUTING_STATE="no" FW_ALLOW_PING_FW="yes" FW_ALLOW_PING_DMZ="yes" FW_ALLOW_PING_EXT="no" -- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here