CIPE & SuSEfirewall2 Setup Help
I'm trying to use cipe for a vpn/mobile-ip setup. Everything works fine when I establish the cipe tunnel from the outside world. However, no matter how I configure SuSEfirewall2, I cannot get it to work correctly when on the internal network. Here's the error I get: Dec 26 02:34:14 xxxx kernel : SuSE-FW-ACCESS_DENIED_INT IN=eth0 OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=xxx.xxx.xxx.xxx DST=xxx.xxx.xxx.xxxx LEN=132 TOS=0x00 PREC=0x00 TTL=64 ID=6143 DF PROTO=UDP SPT=xxxxx DPT=yyyyy LEN=112 I've enabled the following: FW_SERVICES_INT_UDP="yyyyy" FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes" But no dice. Could some kind soul point me to the chain/config option that controls SuSE-FW-ACCESS_DENIED_INT? Thanks in advance. --Jerry Open-Source software isn't a matter of life or death... ...It's much more important than that!
* Jerry A!; <jerry@thehutt.org> on 26 Dec, 2002 wrote:
I've enabled the following:
FW_SERVICES_INT_UDP="yyyyy" FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes"
But no dice. Could some kind soul point me to the chain/config option that controls SuSE-FW-ACCESS_DENIED_INT?
Starting with line 951 ############################################################### # Anti Spoofing/Cirumvention protection - interface dependent # ############################################################### for DEV in $FW_DEV_INT; do for IP in $DEV_EXT; do $IPTABLES -A INPUT -j LOG ${LOG}"-ACCESS_DENIED_INT " -i $DEV -d $IP $IPTABLES -A INPUT -i $DEV -d $IP -j "$DROP" done done -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx
participants (2)
-
Jerry A! -
Togan Muftuoglu