I have a cable Internet connection and run it through a Linksys router. This has NAT built in for protection. Of course through this I run DHCP to three other machines in a home network, 1 Linux and 2 wins. Is this good enough or do I need to set up a personal firewall besides? I have SuSE 7.1 and don't have the personal firewall on, as this is the way the auto setup did it through YaST. If I do turn it on, will this throw a monkey wrench into something that is running fine now? I'm a newbie at firewalls and the option of just having it done automatically seemed appealing. But I figured YaST has to be much brighter than me and there had to be a reason. I'm thinking because of the DHCP?

John.........

--
Contentment is not the fulfillment of what you want, but the realization of how much you already have.

Hi John,

> I have a cable Internet connection and run it through a Linksys router. This has NAT built in for protection. Of course through this I run DHCP to three other machines in a home network, 1 Linux and 2 wins. Is this good enough or do I need to set up a personal firewall besides? I have SuSE 7.1 and don't have the personal firewall on, as this is the way the auto setup did it through YaST. If I do turn it on, will this throw a monkey wrench into something that is running fine now? I'm a newbie at firewalls and the option of just having it done automatically seemed appealing. But I figured YaST has to be much brighter than me and there had to be a reason. I'm thinking because of the DHCP?
>
> John.........

The personal-firewall does very simple things: it declines connection attempts, blackholes UDP traffic and limits ICMP echo replies. There is only one configuration item: the interface that it should work on. The name of the interface(s) is set in the variable REJECT_ALL_INCOMING_CONNECTIONS in /etc/rc.config.d/security.rc.config.

Examples:

    # everything:
    REJECT_ALL_INCOMING_CONNECTIONS="yes"
    # the same as
    REJECT_ALL_INCOMING_CONNECTIONS="all"
    # for ISDN:
    REJECT_ALL_INCOMING_CONNECTIONS="ippp0"
    # for modems:
    REJECT_ALL_INCOMING_CONNECTIONS="modem"
    # and for modems as well as the second ethernet card, plus masquerade
    # everything:
    REJECT_ALL_INCOMING_CONNECTIONS="modem masq eth0"

By consequence, all traffic arriving on one of the specified interfaces will get blocked, in particular DHCP packets arriving on eth0 (in case you chose "all"). Use the interface name of your external interface to re-enable your DHCP setup.

Thanks,
Roman.

--
Roman Drahtmüller <draht@suse.de>
SuSE GmbH - Security
Nürnberg, Germany
Phone: +49-911-740530
"Caution: Cape does not enable user to fly." (Batman Costume warning label)
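
The following is an added example, not part of the original thread and not SuSE's own script: a small shell check that reads REJECT_ALL_INCOMING_CONNECTIONS from a config file and reports whether a given interface (for instance the one receiving DHCP replies) falls under the setting described above. It assumes the double-quoted form shown in the examples and treats an empty or "no" value as disabled; the function name `pf_coverage` and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: does the personal-firewall setting cover a given interface?
#
# pf_coverage CONFIG_FILE INTERFACE
#   prints: all        - "yes" or "all": every interface is covered
#           listed     - the interface is named in the variable
#           not-listed - the firewall is on, but not for this interface
#           off        - variable unset, empty or "no" (assumed to mean disabled)
#   returns 0 when traffic arriving on INTERFACE would be rejected, 1 otherwise.
pf_coverage() {
    conf=$1
    iface=$2
    # Last uncommented assignment wins; only the double-quoted form is parsed.
    value=$(sed -n 's/^[[:space:]]*REJECT_ALL_INCOMING_CONNECTIONS="\([^"]*\)".*/\1/p' \
        "$conf" | tail -n 1)
    case "$value" in
        ""|no)   echo off; return 1 ;;
        yes|all) echo all; return 0 ;;
    esac
    # Keywords such as "modem" and "masq" are compared literally; how they map
    # to real devices is not described in the thread.
    for word in $value; do
        if [ "$word" = "$iface" ]; then
            echo listed
            return 0
        fi
    done
    echo not-listed
    return 1
}

# Constructed sample config, not taken from a real system.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# REJECT_ALL_INCOMING_CONNECTIONS="all"
REJECT_ALL_INCOMING_CONNECTIONS="modem masq eth0"
EOF
for i in eth0 eth1; do
    printf '%s: %s\n' "$i" "$(pf_coverage "$sample" "$i")"
done
rm -f "$sample"
```

A result of "all" or "listed" for the interface that obtains its address by DHCP is the situation described in the reply above, where incoming DHCP packets on that interface get blocked.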