I installed SuSE 6.3 with firewall 1.4. I want to permit the following access through the firewall: www, domain, ftp, smtp and ssh. Then I made some adjustments in "rc.firewall" like:
FW_ROUTE="yes"
FW_TCP_SERVICES_EXTERNAL="smtp www domain ftp"
FW_UDP_SERVICES_EXTERNAL="domain smtp ftp"
After starting the firewall I have full access from the internal network to the Internet, but there isn't any access from the Internet and no mail.... Could someone tell me what I should do?
Did you install the update from http://www.suse.de?
The script out of the 6.3 box does not work, I guess.
If so, try this, it should work as a basis:
# /etc/rc.firewall
# for use with /usr/sbin/SuSEfirewall version 1.4
# ------------------------------------------------------------------------
# 1.)
# Should the Firewall be started?
# This setting is done in /etc/rc.config (START_FW="yes")
FW_DEV_WORLD="eth1"
FW_DEV_INT="eth0"
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_LOCALNETS="10.1.1.0/24"
FW_KERNEL_SECURITY="yes"
FW_AUTOPROTECT_GLOBAL_SERVICES="no"
FW_PROTECT_FROM_INTERNAL="yes"
FW_TCP_SERVICES_EXTERNAL="" # Common: smtp www domain
FW_UDP_SERVICES_EXTERNAL="" # Common: domain
FW_TRUSTED_HOSTS=""
FW_TCP_SERVICES_TRUSTED="" # Common: ssh
FW_UDP_SERVICES_TRUSTED="" # Common: syslog time ntp
FW_TCP_SERVICES_INTERNAL="" # Common: ssh smtp domain www
FW_UDP_SERVICES_INTERNAL="" # Common: domain
FW_TCP_ALLOW_INCOMING_HIGHPORTS="yes" # Common: "ftp-data" (sadly!)
FW_UDP_ALLOW_INCOMING_HIGHPORTS="yes" # Common: "dns"
FW_SERVICE_DNS="no" # if yes, FW_TCP_SERVICES_* needs to have port 53
FW_FORWARD_TCP="" # Beware to use this!
FW_FORWARD_UDP="" # Beware to use this!
FW_REDIRECT_TCP=""
FW_REDIRECT_UDP=""
FW_LOG_DENY_CRIT="yes"
FW_LOG_DENY_ALL="no"
FW_LOG_ACCEPT_CRIT="yes"
FW_LOG_ACCEPT_ALL="no"
FW_ALLOW_FW_PING="yes"
FW_ALLOW_FW_TRACEROUTE="no"
FW_ALLOW_FW_SOURCEQUENCH="yes"
FW_MASQ_MODULES="autofw cuseeme ftp irc mfw portfw quake raudio user vdolive"
Best regards,
Bernhard Mackert
aiacs Internet GmbH
Amtsgericht Bamberg, HRB 3471
www.aiacs.com
-----Original Message-----
From: als
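
Added example, not part of the thread and not SuSE's code: a shell check that sources an rc.firewall-style file and lists the differences between the services it opens externally and the ones the question asks for. `WANTED_TCP`, `WANTED_UDP`, the function names and the sample file are this example's assumptions; the UDP list follows the template's "Common: domain" comment.

```sh
#!/bin/sh
# Added example: audit FW_*_SERVICES_EXTERNAL against an intended service list.
# WANTED_TCP / WANTED_UDP are assumptions of this example, based on the question.
WANTED_TCP="www domain ftp smtp ssh"
WANTED_UDP="domain"

# has_word LIST WORD: true if WORD is one of the space-separated items in LIST
has_word() {
    case " $1 " in *" $2 "*) return 0 ;; esac
    return 1
}

# compare PROTO OPENED WANTED: report wanted-but-closed and opened-but-unwanted
compare() {
    for s in $3; do has_word "$2" "$s" || echo "$1: wanted $s is not opened"; done
    for s in $2; do has_word "$3" "$s" || echo "$1: $s is opened but not wanted"; done
}

# audit_fw FILE: print one finding per line, nothing if the file matches.
# The file is sourced in a subshell, so only point this at a config you trust.
audit_fw() {
    (
        FW_TCP_SERVICES_EXTERNAL="" FW_UDP_SERVICES_EXTERNAL="" FW_SERVICE_DNS="no"
        . "$1" || exit 1
        compare tcp "$FW_TCP_SERVICES_EXTERNAL" "$WANTED_TCP"
        compare udp "$FW_UDP_SERVICES_EXTERNAL" "$WANTED_UDP"
        # Template comment: FW_SERVICE_DNS="yes" needs port 53 in the TCP list
        # (only the EXTERNAL list is checked here).
        if [ "$FW_SERVICE_DNS" = "yes" ]; then
            has_word "$FW_TCP_SERVICES_EXTERNAL" domain ||
                has_word "$FW_TCP_SERVICES_EXTERNAL" 53 ||
                echo "dns: FW_SERVICE_DNS is yes but the TCP list lacks domain/53"
        fi
    )
}

# Constructed sample: the three settings quoted in the question.
write_sample() {
    cat > "$1" <<'EOF'
FW_ROUTE="yes"
FW_TCP_SERVICES_EXTERNAL="smtp www domain ftp"
FW_UDP_SERVICES_EXTERNAL="domain smtp ftp"
EOF
}

sample=$(mktemp) && write_sample "$sample" && audit_fw "$sample"; rm -f "$sample"
```

An empty result only means the two lists agree; it says nothing about interface settings such as FW_DEV_WORLD, which this check does not read.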