Hello Ludwig,

thanks for the answer. So if the config is correct and I do set up the fw when I start the interface, what might be the reason for the ILL TARGET?

Do you agree with Arimin's suggestion, which I find helpful, to try different subnets?

Michael

H U G O B O S S

Ludwig Nussel <ludwig.nussel@suse.de>
14.07.2005 14:10
To: suse-security@suse.com
Cc:
Subject: Re: [suse-security] SFW2-IN-ILL-TARGET [Hugo Boss: Virus checked]

Michael Hoeller wrote:
> I am a little bit confused by the answers, can I try to summarize? I still get rejected.
>
> I dial in from 192.168.55.100 to 192.168.55.200. The interface ippp0 is used; the IP addresses are fixed.
>
> I can actually dial in and I do get the IP addresses, and the connection stays up.
>
> But as soon as I try to log in via ssh user@192.168.55.100 I get the ILL_TARGET message from the firewall:
>
> Jul 9 21:34:22 omicron kernel: SFW2-IN-ILL-TARGET IN=ippp0 OUT= SRC=192.168.55.200 DST=192.168.55.100 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=48935 DF PROTO=TCP SPT=1032 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A01E052360000000001030302)
>
> Here are my DEV variables:
>
> FW_DEV_EXT="ippp1 ippp1 ippp1"
> FW_DEV_INT="eth-id-00:e0:81:20:30:04 ippp0"
> FW_DEV_DMZ=""

The config is ok. SuSEfirewall2 does not set up rules for interfaces that don't exist so you need to run SuSEfirewall2 when the interface is up. That is supposed to happen automatically if you checked the Firewall checkbox in YaST. Alternatively verify manually that FIREWALL=yes in the config files as already mentioned in a previous mail.

> I don't know why SuSE passed ippp1 3 times to the variable, but since I am not an expert I have not touched it.

One is sufficient.

cu
Ludwig

--
 (o_   Ludwig Nussel
 //\   SUSE LINUX Products GmbH, Development
 V_/_  http://www.suse.de/
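
Added example, not part of the original mails and not SuSEfirewall2 code: a small shell check that takes an SFW2 log line, looks up which FW_DEV_* zone its IN= interface is configured in, and reports whether that interface currently exists, which is the condition Ludwig describes for rules being set up. The function names, the embedded sample data (copied in shortened form from the thread) and the use of /sys/class/net as the existence test are assumptions of this example.

```shell
#!/bin/sh
# Sample data taken from the thread (log line shortened, no OPT field).
SAMPLE_CONF='FW_DEV_EXT="ippp1 ippp1 ippp1"
FW_DEV_INT="eth-id-00:e0:81:20:30:04 ippp0"
FW_DEV_DMZ=""'
SAMPLE_LOG='Jul 9 21:34:22 omicron kernel: SFW2-IN-ILL-TARGET IN=ippp0 OUT= SRC=192.168.55.200 DST=192.168.55.100 LEN=60 PROTO=TCP SPT=1032 DPT=22 SYN URGP=0'

# log_field KEY LINE -> value of the KEY=value token in a netfilter log line
log_field() {
    printf '%s\n' "$2" | tr ' ' '\n' | sed -n "s/^$1=//p" | head -n 1
}

# zone_ifaces ZONE CONF -> interfaces in FW_DEV_<ZONE>, duplicates removed
zone_ifaces() {
    printf '%s\n' "$2" | sed -n "s/^FW_DEV_$1=\"\(.*\)\"\$/\1/p" |
        tr ' ' '\n' | awk 'NF && !seen[$0]++' | tr '\n' ' ' | sed 's/ $//'
}

# zone_of IFACE CONF -> EXT, INT, DMZ, or NONE if the interface is unlisted
zone_of() {
    for z in EXT INT DMZ; do
        for i in $(zone_ifaces "$z" "$2"); do
            [ "$i" = "$1" ] && { echo "$z"; return 0; }
        done
    done
    echo NONE
}

# iface_exists IFACE [SYSFS_DIR] -> status 0 if the kernel has the interface
# (assumption: presence under /sys/class/net is the existence test)
iface_exists() {
    [ -e "${2:-/sys/class/net}/$1" ]
}

# diagnose LINE CONF [SYSFS_DIR] -> one-line verdict for the logged packet
diagnose() {
    ifc=$(log_field IN "$1"); zone=$(zone_of "$ifc" "$2")
    if [ "$zone" = NONE ]; then
        echo "$ifc: not listed in any FW_DEV_* variable"
    elif iface_exists "$ifc" "$3"; then
        echo "$ifc: zone $zone, exists now; run SuSEfirewall2 again while it is up"
    else
        echo "$ifc: zone $zone, absent; no rules are set up for it until it exists"
    fi
}

diagnose "$SAMPLE_LOG" "$SAMPLE_CONF"
```

On a real system the configuration text would come from /etc/sysconfig/SuSEfirewall2 and the log line from the kernel log instead of the embedded samples.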