Hi list!

I have the following setup:

MASQ'ed Network --- SuSE firewall --- the Internet.

The firewall has been running fine for two years. I now want to open ports with the script (SuSE Firewall) to route a VPN tunnel through the firewall (from inside to a server on the internet). I need UDP port 500 and 47/ip (GRE) or 50/ip (ESP) data channel traffic.

The following switch is for masquerading:

---snipp---
# Choice: leave empty or any number of hosts/networks seperated by a space.
# Every host/network may get a list of allowed services, otherwise everything
# is allowed. A protocol and service is appended by a comma to the host/network.
# e.g. "10.0.0.0/8" allows the whole 10.0.0.0 network with unrestricted access
# "10.0.1.0/24,tcp,80 10.0.1.0/24,tcp,21" allows the 10.0.1.0 network to use
# www/ftp to the internet. "10.0.1.0/24,tcp,1024:65535 10.0.2.0/24" is OK too.
# You may NOT set this variable to "0/0" !
#
FW_MASQ_NETS=""
---snap---

I can use the protocols tcp, udp and icmp here, but I can NOT use "IP" as protocol.

Where can I set up that the IP protocols get routed through the firewall, or do I need additional modules?

Bye,
Patrick
participants (1)
-
Patrick Schneider
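
An added example, not part of the original post and not SuSEfirewall code: a small checker for the FW_MASQ_NETS syntax quoted in the message, useful for auditing what a given value actually lets out. It assumes an entry is either a bare network or network,protocol,service, and takes the tcp/udp/icmp protocol list from the post; the function names and the sample value are constructed.

```python
import ipaddress

# Protocols the post reports as usable in FW_MASQ_NETS (assumption from the post).
ALLOWED_PROTOCOLS = {"tcp", "udp", "icmp"}

# Constructed sample value: three valid entries, then GRE/ESP attempts and "0/0".
SAMPLE = ("10.0.1.0/24,tcp,80 10.0.1.0/24,udp,500 10.0.2.0/24 "
          "10.0.1.0/24,ip,47 10.0.1.0/24,esp,50 0/0")


def parse_port_spec(spec):
    """Parse "80" or "1024:65535" into an inclusive (low, high) tuple."""
    parts = spec.split(":")
    if len(parts) not in (1, 2) or not all(p.isdigit() for p in parts):
        raise ValueError(f"bad service {spec!r}")
    low, high = int(parts[0]), int(parts[-1])
    if not 0 <= low <= high <= 65535:
        raise ValueError(f"service out of range {spec!r}")
    return low, high


def parse_masq_entry(entry):
    """Parse one host/network[,protocol,service] entry into a dict."""
    fields = entry.split(",")
    if fields[0] == "0/0":
        raise ValueError('"0/0" is not allowed')
    net = ipaddress.IPv4Network(fields[0], strict=False)
    if net.prefixlen == 0:
        raise ValueError("whole address space is not allowed")
    if len(fields) == 1:  # bare network: unrestricted access
        return {"net": str(net), "proto": None, "ports": None}
    if len(fields) != 3:
        raise ValueError("expected network,protocol,service")
    proto = fields[1].lower()
    if proto not in ALLOWED_PROTOCOLS:
        raise ValueError(f"protocol {proto!r} is not tcp, udp or icmp")
    return {"net": str(net), "proto": proto, "ports": parse_port_spec(fields[2])}


def check_masq_nets(value):
    """Split a FW_MASQ_NETS value and return (accepted, rejected) lists."""
    accepted, rejected = [], []
    for entry in value.split():
        try:
            accepted.append(parse_masq_entry(entry))
        except ValueError as exc:
            rejected.append((entry, str(exc)))
    return accepted, rejected


if __name__ == "__main__":
    ok, bad = check_masq_nets(SAMPLE)
    for item in ok:
        print("accepted:", item)
    for entry, reason in bad:
        print("rejected:", entry, "->", reason)
```

Under these assumptions the UDP 500 entry is accepted, while the GRE (47) and ESP (50) entries are rejected because the syntax has no slot for a bare IP protocol number.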