Re: [suse-security] SuSeFirewall2 problems after reconnect (Suse 8.2)
Thanks a lot Armin, you were absolutely right. It was my fault. I did not open the ports in "FW_SERVICES_EXT_???" like I did using Suse 8.1. The problem was that SuSEfirewall2 prompted something like unknown Service if those applications weren't running at firewall startup. So I thought that there was no need to open highports anymore in the services because I allowed them already in "ALLOW_INCOMING_HIGHPORTS_xxx". Now I changed it and everything seems to run fine.

Thanks a lot!

Best regards,
Volker

At 09:42 24.06.2003 +0000, Armin Schoech wrote:
Hi Volker!
Now if an application that is listening on highports (>1024) is already running before the reconnect takes place (e.g. mldonkey and hts), after the reconnection SuSEfirewall2 is dropping packets to these highports which were accessible before the reconnection. E.g. mldonkey then only gets lo-ids and I can't access my machine via hts which is running @ port 4xxx. I'm not sure if SuSEfirewall2 blocks all highports or only these on which the applications are listening. Lowports aren't affected. I still can connect to Apache and SSH after the reconnect.
--> What about the FW_AUTOPROTECT_SERVICES in /etc/sysconfig/SuSEfirewall? I would assume that setting this to "yes" will have exactly the effect you describe.
Have you considered entering the ports you need in "FW_TRUSTED_NETS" or "FW_SERVICES_EXT_???"?
HTH, Armin
--
Am Hasenberg 26               office: Institut für Atmosphärenphysik
D-18209 Bad Doberan           Schloss-Straße 6
Tel. ++49-(0)38203/42137      D-18225 Kühlungsborn / GERMANY
Email: schoech@iap-kborn.de   Tel. +49-(0)38293-68-102
WWW: http://armins.cjb.net/   Fax. +49-(0)38293-68-50