Re: [suse-security] iptables simple script, but...
Yes, I'll use an iptables simple script or not so simple, it doesn't matter, where should I place it and where should I call you (I'm an RH and Mdk experienced user an suse it's a bit diferent, and partialy lost, that's why I'm asking this). There is a file /etc/rc.d/skeleton which can be used as a template for your firewall script. You can copy it to /etc/rc.d/firewall and edit it to let it call your actual firewall script. In the easiest form you just need the "start" command to work to start your firewall when
On Tuesday 29 May 2001 15:17, Pupeno wrote: the system goes up and then leave it on forever. Then you can put "SXXfirewall" symlinks into the various runlevels (depends on your SuSE Version, normally 2 + 3 or 3 + 5) which point to your file. I would suggest to place several links, depending on your firewall script: The first one before the network goes up to have protection from the start. (This will eventually produce errors if you refer to certain interfaces in your script but it will set the policies at least) The last call to your firewall script should be made when all interfaces are up. If you have some interfaces that come up later (ppp,ippp) or if some ip-adresses change later (dynamic address while dialing in) you have to call your firewall script again. (e.g. from within /etc/ppp/ip-up). But that depends on your actual script, if it deals with that interfaces at all. Andreas ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been scanned for the presence of computer viruses. **********************************************************************
* Andreas B�tz
why I'm asking this). There is a file /etc/rc.d/skeleton which can be used as a template for your firewall script. You can copy it to /etc/rc.d/firewall and edit it to let it call your actual firewall script. In the easiest form you just need the "start" command to work to start your firewall when
On Tuesday 29 May 2001 15:17, Pupeno wrote: the system goes up and then leave it on forever. Then you can put "SXXfirewall" symlinks into the various runlevels (depends on your SuSE Version, normally 2 + 3 or 3 + 5) which
AFAIK with 7.1 you have the insserv to sort out the correct symlinks for the starting. rather than manually selecting the Sxxfirewall by using insserv this is done once man insserv explains it -- Togan Muftuoglu
Hi I am away from my linux box at present but does any one have a copy of the directory (in a tar) format of the following directory please... So I can try to work out my firewall configuration based on one of the examples. /usr/share/doc/packages/SuSEfirewall/EXAMPLES I managed to get the PC to boot up ok it went through the first firewall rules ok and then the second ok, however I am still unable to ping or to telnet out or into the box Setup wishing to configure Internet | | firewall (ppp0) via kppp to the internet via modem. SuSE 7.0 linux box 1 (192.168.0.1 eth0 to the lan) with 0.0.0.0 to masq out to my ISP who uses dynamic IP addresses vnc, kde, www, mail pop and smtp | |______________________________________ | | SuSE linux 6.4 box 2 (192.168.0.3) eth0 Win2000 (192.168.0.2) eth0 Access to www, ftp, telent and ping Access to www, ftp, ping, telnet, vnc, outlook mail, pop, smtp rlogin, vnc, mail pop and smtp internal network internal and external ------------------------------------------------------------ I wish to work on SuSE linux box 1 (vnc, kde, www, ftp, telnet. rlogin mail pop and smtp) too. But my main working box is the Win2000 with vnc to the linux boxes. Any ideas or even an example I could use ? Regards Matt
participants (3)
-
Andreas Bätz
-
Matt
-
Togan Muftuoglu