Hi again Franky, First meat!! ---- SEE: [Linux Magazine | DEPARTMENTS | BEST DEFENSE] (Paul Russell's) (My preferred one!!) http://www.linux-mag.com/depts/bestdefense.html ALSO see, the embedded on above article, from [Linux Magazine] (also): (A very detailed REF) [ipchains: Packet Filtering for Linux 2.2] (Paul Russell's also) http://www.linux-mag.com/1999-05/bestdefense_01.html ---- Then explanations!! ---- I will cross post to [suse-security] (suse-security@suse.com) also, because i think there is much better the focal point for your query!! =:`) ANYWAY, also because it's a much interesting question (this of FireWalling), to me and the general audience. Look there also for possible answers, it's very complete. I'm not much literate on Kernel ipchains, BUT one thing i know for sure is that on the (it will be, hope soon!!) Kernel 2.4, this will change substantially. This is a major reason because i'm waiting it anxiously!! =8`) It will appear the new functionality of "Netfilter" which is designed and maintained by Paul Russell, if i'm not in mistake. This radically changes Firewall management on Linux, and makes it much easier. WORTH A LOOK!! I do not answer you directly to your proposed query and SuSE 6.4 issue, but i think it's worth drinking from sources, thought!! =:`) ---- HTH Best regards, Eduardo Carriles [-- Better a smile than a flame --] (Long time SuSE-Linux [prefered distro] user). [-- Se me nota mucho? --] [-- Have a lot of fun...] ---- Franky GOETHALS wrote:

Hello all,

Since i while i've remarked the following lines in my firewall-log :

Jul 18 21:40:11 penguin dhcpcd[109]: sending DHCP_REQUEST for 213.224.69.28 to 195.130.132.18 Jul 18 21:40:11 penguin kernel: Packet log: input DENY eth0 PROTO=17 195.130.132.18:67 213.224.69.28:68 L=330 S=0x00 I=60193 F=0x4000 T=252 (#127) Jul 18 21:40:11 penguin dhcpcd[109]: DHCP_ACK received from (195.130.132.18)

Does anyone can help me ? I appears to be in the 'critical' messages for the firewall.

I would like to allow these requests through my firewall, but i didn't succeed. I'm trying to configure it with YAST & FW_- variables in the configuration-file.

Thanks in advance,

Franky.

-- =================================== GOETHALS Franky Driegaaienstraat 104 B-9100 SINT-NIKLAAS B E L G I E

Tel./Fax : 32 - (0)3 / 776.10.09 GSM : 32 - (0)478 / 21.40.94 franky.goethals@pandora.be ===================================