[opensuse-security] How can I disable SuseFirewall on opensuse 10.3 and use my custom rules?
Hello everyone! I use OpenSuse since v9.0 and sometimes I needed disable SuseFirewall and used script "iptables" from RedHat. It worked fine.. but I have troubles with OpenSuse 10.3. Of course I disabled Susefirewall from Yast and checked with chkconfig: # chkconfig |grep wall SuSEfirewall2_init off SuSEfirewall2_setup off Then I copied my script and enabled: #chkconfig iptables on # chkconfig -l iptables iptables 0:off 1:off 2:off 3:on 4:off 5:on 6:off But my script didn't work in boot time. And rules have discarded when I used "ifup dsl0" for VPN. Last thing is the most annoying. When I run my script manually : /etc/init.d/iptables start everything is okey. Why does SuseFirewall work? What should I do? Is it a bug? -- Faithfully yours, Vladislav. Key fingerprint = 67CC FA3F 5018 1300 010D 6C26 796D 3965 7B04 2EC6 --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org
Have you checked the contents of /etc/sysconfig/network/config and dhcp? In one of those is an instruction to start the firewall when a connection comes up. Thus, your ifup is doing exactly what it has been told to do - bring up the suse firewall. You have to tell it to stop doing that in one of those files I listed, and then run "SuSEconfig" to ensure the change is propagated. --Jon Robison On Fri, Jul 11, 2008 at 3:55 PM, Vlad <vladislav.kisliy@gmail.com> wrote:
Hello everyone! I use OpenSuse since v9.0 and sometimes I needed disable SuseFirewall and used script "iptables" from RedHat. It worked fine.. but I have troubles with OpenSuse 10.3. Of course I disabled Susefirewall from Yast and checked with chkconfig: # chkconfig |grep wall SuSEfirewall2_init off SuSEfirewall2_setup off
Then I copied my script and enabled: #chkconfig iptables on # chkconfig -l iptables iptables 0:off 1:off 2:off 3:on 4:off 5:on 6:off
But my script didn't work in boot time. And rules have discarded when I used "ifup dsl0" for VPN. Last thing is the most annoying. When I run my script manually : /etc/init.d/iptables start everything is okey.
Why does SuseFirewall work? What should I do? Is it a bug?
--
Faithfully yours, Vladislav.
Key fingerprint = 67CC FA3F 5018 1300 010D 6C26 796D 3965 7B04 2EC6 --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org
-- Fred Allen - "Television is a medium because anything well done is rare." --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org
В сообщении от 11 июля 2008 вы написали:
Have you checked the contents of /etc/sysconfig/network/config and dhcp?
In one of those is an instruction to start the firewall when a connection comes up. Thus, your ifup is doing exactly what it has been told to do - bring up the suse firewall. You have to tell it to stop doing that in one of those files I listed, and then run "SuSEconfig" to ensure the change is propagated.
Your advice was very useful. It has worked and everthing is okey.. Thanks a lot! -- Faithfully yours, Vladislav. Key fingerprint = 67CC FA3F 5018 1300 010D 6C26 796D 3965 7B04 2EC6 --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org
I'm glad to hear it. I think perhaps I will file an enhancement request on this. --Jonathon On Sat, Jul 12, 2008 at 4:04 AM, Vlad <vladislav.kisliy@gmail.com> wrote:
В сообщении от 11 июля 2008 вы написали:
Have you checked the contents of /etc/sysconfig/network/config and dhcp?
In one of those is an instruction to start the firewall when a connection comes up. Thus, your ifup is doing exactly what it has been told to do - bring up the suse firewall. You have to tell it to stop doing that in one of those files I listed, and then run "SuSEconfig" to ensure the change is propagated.
Your advice was very useful. It has worked and everthing is okey.. Thanks a lot!
--
Faithfully yours, Vladislav.
Key fingerprint = 67CC FA3F 5018 1300 010D 6C26 796D 3965 7B04 2EC6
-- PJ O'Rourke - "If government were a product, selling it would be illegal."
I never activate the SuSE Firewall, I always use my own rules. Enter in yast, runlevel adminsitrator and erase from runlevel 3 and 5 the susefirewall After, creting you own rule fileset, start with: iptables -t nat -F iptables -t filter -F Both line FLUSH both tables: filter (firewall) and nat (masquerade, dnat and snat) Vlad wrote:
Hello everyone! I use OpenSuse since v9.0 and sometimes I needed disable SuseFirewall and used script "iptables" from RedHat. It worked fine.. but I have troubles with OpenSuse 10.3. Of course I disabled Susefirewall from Yast and checked with chkconfig: # chkconfig |grep wall SuSEfirewall2_init off SuSEfirewall2_setup off
Then I copied my script and enabled: #chkconfig iptables on # chkconfig -l iptables iptables 0:off 1:off 2:off 3:on 4:off 5:on 6:off
But my script didn't work in boot time. And rules have discarded when I used "ifup dsl0" for VPN. Last thing is the most annoying. When I run my script manually : /etc/init.d/iptables start everything is okey.
Why does SuseFirewall work? What should I do? Is it a bug?
--------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org
participants (3)
-
"Hipólito A. González M." -
Jonathon Robison -
Vlad